Hello, A CVE[1] in dcmtk was fixed in 3.6.4 which is in F31+. F29 and F30 are still at 3.6.2 however, and need updating. This includes a soname bump ([2] vs [3]), though, so dependent packages will also need to be rebuilt and pushed as updates all at once. sudo dnf repoquery --source --whatrequires 'libdcm*(64bit)' [sudo] password for asinha: Last metadata expiration check: 0:53:07 ago on Fri 13 Sep 2019 14:07:55 BST. OpenImageIO-2.0.7-1.fc30.src.rpm OpenImageIO-2.0.9-1.fc30.src.rpm aeskulap-0.2.2-0.37.beta2.fc30.src.rpm ctk-0.1-0.10.20171224git71799c2.fc29.src.rpm dcmtk-3.6.2-4.fc29.src.rpm gtatool-2.2.0-11.fc28.src.rpm gtatool-2.2.3-1.fc30.src.rpm orthanc-1.5.4-1.fc30.src.rpm They all build correctly in F31 with the new version, so I do not expect any build failures. Could I please solicit the help of a proven-packager to rebuild them all in F29/F30 and push combined updates please? If you maintain any of these packages and have any concerns, please let us know. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1732222 [2] https://koji.fedoraproject.org/koji/rpminfo?rpmID=14644638 [3] https://koji.fedoraproject.org/koji/rpminfo?rpmID=18968192 -- Thanks, Regards, Ankur Sinha "FranciscoD" (He / Him / His) | https://fedoraproject.org/wiki/User:Ankursinha Time zone: Europe/London
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
