GNU bug report logs -
#26109
[PATCH 3/7] gnu: Add dcmtk.
Previous Next
Reported by: John Darrington <jmd <at> gnu.org>
Date: Wed, 15 Mar 2017 20:07:01 UTC
Severity: normal
Tags: patch
Done: Ricardo Wurmus <rekado <at> elephly.net>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
John Darrington <john <at> darrington.wattle.id.au> writes:
> On Fri, Mar 17, 2017 at 04:42:59PM -0400, Kei Kebreau wrote:
>
> Judging from the description of the software, it seems like this could
> fit in gnu/packages/image.scm.
> Also, the linter says that this package vulnerable to
> CVE-2015-8979. Supposedly this* upstream patch fixes it. Could you see
> if that fix works for this package?
>
> * https://github.com/commontk/DCMTK/commit/1b6bb76
>
>
> Unfortunately this patch doesn't go in. It seems that as well as fixing this
> vulnerability it also makes some unrelated changes. Furthermore, it depends
> on a whole lot of other patches which are not in this release.
>
> Do we have a procedure on what to do in cases like this?
>
> J'
I don't know if we have an official procedure, though we could try using
a later git snapshot with the security patch already integrated.
Hopefully that provides functionality compatible to that of the stable
release, though it's at least a five year difference between release times.
http://git.cmtk.org/?p=dcmtk.git,a=tags
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 8 years and 12 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.