Skip to content

Commit

Permalink
BUG: Update DCMTK to backport fixes for CVE-2022-2119 and CVE-2022-2120
Browse files Browse the repository at this point in the history
Backport security fixes from the following post
https://forum.dcmtk.org/viewtopic.php?t=5192 because of the following CVE:
* [CVE-2022-2119](https://www.cvedetails.com/cve/CVE-2022-2119/)
* [CVE-2022-2120](https://www.cvedetails.com/cve/CVE-2022-2120/)

List of DCMTK changes:

```
$ git shortlog 0f9bf4d9e..11972eaa4 --no-merges
Marco Eichelberg (2):
      [Backport] Fixed possible NULL pointer dereference.
      [Backport] Fixed path traversal vulnerability.
```

Co-authored-by: malbi <[email protected]>
  • Loading branch information
jcfr and malbi committed Oct 28, 2024
1 parent d7ce6d9 commit 234145a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion CMakeExternals/DCMTK.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ if(DEFINED DCMTK_DIR AND NOT EXISTS ${DCMTK_DIR})
endif()

if(NOT DEFINED DCMTK_DIR AND NOT ${CMAKE_PROJECT_NAME}_USE_SYSTEM_${proj})
set(revision_tag "0f9bf4d9e9a778c11fdddafca691b451c2b621bc") # patched-DCMTK-3.6.6_20210115
set(revision_tag "11972eaa4ecdbf3aab0f46eff78f33d7e2b16bfe") # patched-DCMTK-3.6.6_20210115
if(${proj}_REVISION_TAG)
set(revision_tag ${${proj}_REVISION_TAG})
endif()
Expand Down

0 comments on commit 234145a

Please sign in to comment.