-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Jul 2023 16:48:56 +0200
Source: orthanc
Binary: liborthancframework-dev liborthancframework1 liborthancframework1-dbgsym orthanc orthanc-dbgsym orthanc-dev
Architecture: s390x
Version: 1.9.2+really1.9.1+dfsg-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: s390x Build Daemon (zani)
Changed-By: Étienne Mollier
Description:
 liborthancframework-dev - Orthanc Framework development files
 liborthancframework1 - Orthanc Framework library
 orthanc - Lightweight, RESTful DICOM server for medical imaging
 orthanc-dev - Orthanc development files
Closes: 1040597
Changes:
 orthanc (1.9.2+really1.9.1+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * cve-2023-33466.patch: disable file system writes.
     This patch backports the option RestApiWriteToFileSystemEnabled to
     Orthanc in Debian bullseye. This allows delivering Orthanc without
     being vulnerable to arbitrary writes to the file system by
     authenticated users, referenced as CVE-2023-33466. The legacy and
     vulnerable behaviour can be restored by setting the variable
     RestApiWriteToFileSystemEnabled to true in /etc/orthanc/orthanc.json.
     (Closes: #1040597)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----