| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 01_dcmtk_3.6.0-1.patch | The original maintainer Jürgen Salk applied a set of patches to the original code. This file contains changes to C++ code |
Jürgen Salk <jsa@debian.org> | no | |||
| 03_datadic_install.patch | Install dict to versioned dir | Mathieu Malaterre <malat@debian.org> | no | debian | ||
| 04_Fixed-OFoptional-by-introducing-OFalign.patch | [PATCH] Fixed OFoptional by introducing OFalign? | Jan Schlamelcher <dicom@offis.de> | no | 2014-07-04 | ||
| 05_performance.patch | Fix a DCMTK performance problem Forwarded-Upstream: yes | Sebastien Jodogne <s.jodogne@chu.ulg.ac.be> | no | debian | 2015-05-15 | |
| 07_dont_export_all_executables.patch | Don't add executables to cmake exports CMake exports are used by other packages that compile and link against dcmtk. Because Debian moves some of these executables and also dosn't install the test executables, this import may fail leading to failure to configure the according package. |
Gert Wollny <gw.fossdev@gmail.com> | no | debian | ||
| 0001-Fixed-poss.-NULL-pointer-dereference-double-free.patch | Fixed poss. NULL pointer dereference/double free. Thanks to Jinsheng Ba <bajinsheng@u.nus.edu> for the report and some patches. |
Michael Onken <onken@open-connections.de> | no | 2021-10-02 | ||
| 0002-Fixed-possible-NULL-pointer-dereference.patch | Fixed possible NULL pointer dereference. Thanks to Jinsheng Ba <bajinsheng@u.nus.edu> for the report and patch. |
Michael Onken <onken@open-connections.de> | no | 2021-09-15 | ||
| 0003-Fixed-possible-NULL-pointer-dereference.patch | Fixed possible NULL pointer dereference. Fixed a possible NULL pointer dereference that could occur when reading an invalid DICOM file from stdin. Loading a file from the file system and receiving data over a network connection were not affected by this bug. Thanks to Sharon Brizinov and Noam Moshe from Claroty Research for the bug report and sample file. |
Marco Eichelberg <dicom@offis.de> | no | 2022-03-30 | ||
| 0004-Fixed-memory-leak-in-single-process-mode.patch | Fixed memory leak in single process mode. Fixed a memory leak in dcmqrscp's single process mode. Thanks to <songxiangpu@mail.sdu.edu.cn> for the bug report and test data. |
Marco Eichelberg <dicom@offis.de> | no | 2022-06-09 | ||
| 0005-Fixed-unchecked-typecasts-of-DcmItem-search-results.patch | Fixed unchecked typecasts of DcmItem::search results. DcmItem::search() returns a stack of DcmObject pointers as search results. These pointers in most instances need to be casted to DcmItem, DcmElement or a subclass of these. In many cases, the type of the object was not properly checked before the typecast. This could lead to segmentation faults when invalid DICOM datasets were processed where elements had the wrong value representation. |
Marco Eichelberg <dicom@offis.de> | no | 2024-04-15 | ||
| 0006-Fixed-unchecked-typecasts-and-fixed-LUT-handling.patch | Fixed unchecked typecasts and fixed LUT handling. This commit adds further fixes for unchecked typecasts of DcmItem::search() results (see description of previous commit). Furthermore, this commit specifically addresses the handling of look-up tables (LUTs) in module dcmpstat, where attribute (0028,3006) LUTData may use either US or OW value representation, and (0028,3002) LUTDescriptor may be either US or SS. The code should now properly handle all permitted value representations. LUTData is now always written as OW in order to avoid the 64k size limit for US in explicit VR encoding. Thanks to Martin Zeiser from the Cisco Talos team <vulndiscovery@external.cisco.com> for the bug report (TALOS-2024-1957). Together with the previous commit, this closes DCMTK issue #1120. |
Marco Eichelberg <dicom@offis.de> | no | 2024-04-15 | ||
| 0007-Fixed-wrong-error-handling-previous-commit.patch | Fixed wrong error handling (previous commit). Fixed wrong error handling introduced with the previous commit. |
Joerg Riesmeier <dicom@jriesmeier.com> | no | 2024-04-22 | ||
| 0008-Fixed-two-segmentation-faults.patch | Fixed two segmentation faults. Fixed two segmentations faults that could occur while processing an invalid incoming DIMSE message due to insufficient error handling causing a de-referenced NULL pointer. Thanks to Nils Bars <nils.bars@rub.de> for the bug report and sample files. This closes DCMTK issue #1114. |
Marco Eichelberg <dicom@offis.de> | no | 2024-03-13 | ||
| 0009-Fixed-issue-rendering-invalid-monochrome-image.patch | Fixed issue rendering invalid monochrome image. Fixed issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match the expected number of pixels. If the stored number is less than the expected number, the rest of the pixel matrix for the intermediate representation was always filled with the value 0. Under certain, very rare conditions, this could result in memory problems reported by an Address Sanitizer (ASAN). Now, the rest of the matrix is filled with the smallest possible value for the image. Thanks to Emmanuel Tacheau from the Cisco Talos team <vulndiscovery@external.cisco.com> for the original report, the sample file (PoC) and further details. See TALOS-2024-2122 and CVE-2024-47796. |
Joerg Riesmeier <dicom@jriesmeier.com> | no | 2025-01-11 | ||
| 0010-Added-check-to-make-sure-HighBit-BitsAllocated.patch | Added check to make sure: HighBit < BitsAllocated. Added check to the image preprocessing to make sure that the value of HighBit is always less than the value of BitsAllocated. Before, this missing check could lead to memory corruption if an invalid combination of values was retrieved from a malformed DICOM dataset. Thanks to Emmanuel Tacheau from the Cisco Talos team <vulndiscovery@external.cisco.com> for the report, sample file (PoC) and detailed analysis. See TALOS-2024-2121 and CVE-2024-52333. |
Joerg Riesmeier <dicom@jriesmeier.com> | no | 2025-01-03 |