-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Jul 2023 16:48:56 +0200
Source: orthanc
Binary: liborthancframework-dev liborthancframework1 liborthancframework1-dbgsym orthanc orthanc-dbgsym orthanc-dev
Architecture: i386
Version: 1.9.2+really1.9.1+dfsg-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01)
Changed-By: Étienne Mollier
Description:
 liborthancframework-dev - Orthanc Framework development files
 liborthancframework1 - Orthanc Framework library
 orthanc - Lightweight, RESTful DICOM server for medical imaging
 orthanc-dev - Orthanc development files
Closes: 1040597
Changes:
 orthanc (1.9.2+really1.9.1+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * cve-2023-33466.patch: disable file system writes.
     This patch backports the option RestApiWriteToFileSystemEnabled to
     Orthanc in Debian bullseye. This allows delivering Orthanc without
     being vulnerable to arbitrary writes to the file system by
     authenticated users, referenced as CVE-2023-33466. The legacy and
     vulnerable behaviour can be restored by setting the variable
     RestApiWriteToFileSystemEnabled to true in /etc/orthanc/orthanc.json.
     (Closes: #1040597)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----