Control: clone -1 -2 Control: retitle -1 dcmtk: CVE-2022-2121 Control: retitle -2 dcmtk: CVE-2022-2119 CVE-2022-2120 Control: fixed -1 3.6.7-1
Hi On Wed, Jun 29, 2022 at 10:43:59AM +0200, Mathieu Malaterre wrote: > Package: dcmtk > Version: 3.6.5-1 > Severity: important > > Dear Maintainer, > > Multiples CVEs have been reported against DCMTK: > > - CVE-2022-2119 > - CVE-2022-2120 > - CVE-2022-2121 > > Should we track them ? Should it be handled by debian-security team ? Cloning/splitting this bug in two because CVE-2022-2121 got fixed in the 3.6.7 release upstream but CVE-2022-2120 and CVE-2022-2121 only afterwards. Regards, Salvatore
