-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Jul 2023 16:00:04 +0200
Source: orthanc
Binary: liborthancframework-dev liborthancframework1 liborthancframework1-dbgsym orthanc orthanc-dbgsym orthanc-dev
Architecture: mipsel
Version: 1.10.1+dfsg-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-05) <buildd_mips64el-mipsel-osuosl-05@buildd.debian.org>
Changed-By: Étienne Mollier <emollier@debian.org>
Description:
 liborthancframework-dev - Orthanc Framework development files
 liborthancframework1 - Orthanc Framework library
 orthanc    - Lightweight, RESTful DICOM server for medical imaging
 orthanc-dev - Orthanc development files
Closes: 1040597
Changes:
 orthanc (1.10.1+dfsg-2+deb12u1) bookworm-security; urgency=high
 .
   * Team upload.
   * cve-2023-33466.patch: disable file system writes.
     This patch backports the option RestApiWriteToFileSystemEnabled to
     Orthanc in Debian bookworm.  This allows delivering Orthanc without
     being vulnerable to arbitrary writes to the file system by
     authenticated users, referenced as CVE-2023-33466.  The legacy and
     vulnerable behaviour can be restored by setting the variable
     RestApiWriteToFileSystemEnabled to true in /etc/orthanc/orthanc.json.
     (Closes: #1040597)
Checksums-Sha1:
 b6ac6e30f9a490091d60178ddafa28aa4114b8a9 113052 liborthancframework-dev_1.10.1+dfsg-2+deb12u1_mipsel.deb
 e42876083a1ff8c63e26379c37665c8f0ac7d855 16169840 liborthancframework1-dbgsym_1.10.1+dfsg-2+deb12u1_mipsel.deb
 232dd8c4929c3a1bd4c17614eda4c1e77887d6d6 1679996 liborthancframework1_1.10.1+dfsg-2+deb12u1_mipsel.deb
 2c16294463a3aad287f7743d4758f56ab260d7ae 39325420 orthanc-dbgsym_1.10.1+dfsg-2+deb12u1_mipsel.deb
 60aa618ab7dd9337b8f04d6b6abfda08995b53db 79444 orthanc-dev_1.10.1+dfsg-2+deb12u1_mipsel.deb
 5a8238640c0dbd1d3d0880e5f0f29ee985895721 16732 orthanc_1.10.1+dfsg-2+deb12u1_mipsel-buildd.buildinfo
 1bdb80eeae9644599136a302f913c39a0ee41028 1485568 orthanc_1.10.1+dfsg-2+deb12u1_mipsel.deb
Checksums-Sha256:
 83582a25138057df1d0c899c37bf94a30c0d86a58be75bf87f7c23fbf322182a 113052 liborthancframework-dev_1.10.1+dfsg-2+deb12u1_mipsel.deb
 87513e8c2211eeb506907f34de7f0261ac215810b11ee500705ad52689e35c21 16169840 liborthancframework1-dbgsym_1.10.1+dfsg-2+deb12u1_mipsel.deb
 00cca0fc113a56f86ab86a9824af07722d09e32abf84c3a7672c918c3d88e689 1679996 liborthancframework1_1.10.1+dfsg-2+deb12u1_mipsel.deb
 8647b81c8d8f2cb31894ec9d93d725a7921a07fbb328274ab33f2d871d50f026 39325420 orthanc-dbgsym_1.10.1+dfsg-2+deb12u1_mipsel.deb
 0e2b8b9d8cf670c288037d7fcad8275f9aa2913700e7c55ab04694c204009dd4 79444 orthanc-dev_1.10.1+dfsg-2+deb12u1_mipsel.deb
 a38a5cdb6c245eb3cedd3386e61b67b8c513aaa37682e8be57d60768fb46bc71 16732 orthanc_1.10.1+dfsg-2+deb12u1_mipsel-buildd.buildinfo
 9f73991b7bfd5b6dbdc48e77f316a41d1839fafce74fc8ebe867f4554986f78a 1485568 orthanc_1.10.1+dfsg-2+deb12u1_mipsel.deb
Files:
 20d8daee04e6f796f35cdc7a3e15e8f9 113052 libdevel optional liborthancframework-dev_1.10.1+dfsg-2+deb12u1_mipsel.deb
 5900a4f02616187afda0feb2fe77ef19 16169840 debug optional liborthancframework1-dbgsym_1.10.1+dfsg-2+deb12u1_mipsel.deb
 3aa0baf02e308fed02c3b7a7e669a2ef 1679996 libs optional liborthancframework1_1.10.1+dfsg-2+deb12u1_mipsel.deb
 431220b2637fbe99655c5d874df081b2 39325420 debug optional orthanc-dbgsym_1.10.1+dfsg-2+deb12u1_mipsel.deb
 699541a29570c22094fffc1b5dd9430c 79444 libdevel optional orthanc-dev_1.10.1+dfsg-2+deb12u1_mipsel.deb
 d2d014051f35fba8a06075fad3543d64 16732 science optional orthanc_1.10.1+dfsg-2+deb12u1_mipsel-buildd.buildinfo
 c77757d1092b26f5abbbb44c36055005 1485568 science optional orthanc_1.10.1+dfsg-2+deb12u1_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7FUbSrfgk+qhJhySoQbzkdO+xGgFAmTTTowACgkQoQbzkdO+
xGjYuhAA0MhuFxn4osZyzuige6Bd1FvXjatz5JJJA7IUWaTuhZ+y67y1hB6NKpXl
TWqAfGN6I2ouEOvP+7c+OUEwHjzmJz6/iUXOPHxCS9xs8qn0Fqr7yw5nrK0zcns7
yVwe0rccDNQYseHjTFiHhLYImTXNxiviMmfAxj3mnyjBbGxn834yI2JMNTD2wuzZ
EULAJ5+j0xNFvprHYaD6/VIdrbYkgO9DiXf69hDdgzcpJVhSZc1oRtPkWsHyhiM4
AFlTyn0dlu4GIZo2BRYyD+GulYkq+PWdq8os/xowrKbP2668skhixtC7ueJP0RH0
BjqzX30jhWPl/Gy/zaT62kPpwFzwceq2AZQevV474+1HJKMgqHgIlb7rKXLeGimk
g5bZgHz0oSjiBA5TwiJTgqqR0zHd6dw2bgObrXrAI2iy19JE2CedHM17ugmQJV0M
DV10dtZ9oOevVSjzg/Tasy1ZP4IGIN5W7Keqrrj75bi+8jNbLENj/9ayHMEtgGZB
SSoPfax5rhqiHro1nkthNT4rzNCgL1MVFFwOKInSH7sztbgpoWnOb/e34xjdSDn8
0aIKxCyFVkzrd2Gay30Esc8nA8H2AEW6PGRnvsuPL4x87bJeEVdPY4lLxWLoxm6j
osDnsW8Bpu9fh/RdjqharrCNullWM9qtJzmLBUlNZ+z0IsXiWXA=
=ZKfB
-----END PGP SIGNATURE-----