Activity

From 2026-04-26 to 2026-05-25

12:21 Bug #1212 (Closed): NULL dereference in json2dcm: Marco Eichelberg
12:15 Bug #1210 (Closed): wlmscpfs Called AE Title used as directory path unsanitized: Marco Eichelberg
12:02 Bug #1213: RLE decodeFrame() Heap-OOB Read: This issue has been registered as CVE-2026-44034. Marco Eichelberg
12:01 Bug #1214: Unbounded recursion in XMLParser library: This issue has been registered as CVE-2026-44033. Marco Eichelberg
12:01 Bug #1191: Stack Overflow via Deeply Nested DICOM Sequences: This issue has been registered as CVE-2026-44031. Marco Eichelberg
12:00 Bug #1194: OS command injection vulnerability in storescp --exec-on-reception: This issue has been registered as CVE-2026-44030. Marco Eichelberg

19:22 Bug #1214 (Closed): Unbounded recursion in XMLParser library: Closed by commit #d12e350e6.
Marco Eichelberg
19:19 Bug #1214 (Closed): Unbounded recursion in XMLParser library: The methods @XMLNode::ParseXMLElement()@ and @XMLNode::emptyTheNode()@ in @ofstd/libsrc/ofxml.cc@ recurse on the stac... Marco Eichelberg

18:05 Bug #1213 (Closed): RLE decodeFrame() Heap-OOB Read: Closed by commit #45469f3c3.
Marco Eichelberg
18:02 Bug #1213 (Closed): RLE decodeFrame() Heap-OOB Read: @DcmRLECodecDecoder::decodeFrame()@ (dcmdata/libsrc/dcrleccd.cc:583) calls @memcpy(rleHeader, rleData, 64)@ without v... Marco Eichelberg

09:30 Feature #1146 (Closed): Add character set options to dcm2json: Marco Eichelberg

17:33 Feature #1146: Add character set options to dcm2json: Closed by commit #4f8b940ae. Marco Eichelberg
15:15 Bug #1212: NULL dereference in json2dcm: Closed by commit #0748c6e28.
Marco Eichelberg
15:12 Bug #1212 (Closed): NULL dereference in json2dcm: @DcmJSONReader::createElement()@ will de-reference a NULL pointer if a call to @DcmItem::newDicomElementWithVR()@ fai... Marco Eichelberg
14:44 Bug #1211 (Closed): Heap-buffer-overflow in I2DBmpSource::parse24_32BppRow(): Closed by commit #68b57d3cf. Marco Eichelberg
14:37 Bug #1211 (Closed): Heap-buffer-overflow in I2DBmpSource::parse24_32BppRow(): An invalid BMP file with 16, 24 or 32 bit per pixel that contains a color palette (which is not permitted for these i... Marco Eichelberg

08:18 Bug #1210: wlmscpfs Called AE Title used as directory path unsanitized: Fixed with commit e3878daf870cd2db50eadfde38615f0afae8a584. Michael Onken
08:17 Bug #1210 (Closed): wlmscpfs Called AE Title used as directory path unsanitized: As reported by Abhinav Agarwal:
Root cause: Called AE Title from A-ASSOCIATE-RQ is concatenated directly onto dfPa... Michael Onken

15:12 Feature #1202 (Closed): Remove C++98 support and enable STL by default: Closed by commit #7354a5bdf.
Marco Eichelberg
08:54 Bug #1207 (Closed): Filename sanitation for DcmSCU/getscu's bit preserving mode: Fixed with cmomit eca9a03dd. Michael Onken
08:51 Bug #1207 (Closed): Filename sanitation for DcmSCU/getscu's bit preserving mode: Report from Abhinav Agarwal:
* Root cause: handleCGETSession() at scu.cc:1221-1226 passes raw AffectedSOPInstanceU... Michael Onken

19:34 Bug #1206: Remote Heap Buffer Overflow in dcmqrscp: This issue was apparently logged twice. See issue 1199: http://support.dcmtk.org/redmine/issues/1199 Marco Eichelberg
19:34 Bug #1199 (Closed): Security Vulnerability Report: Remote Heap Buffer Overflow in dcmqrscp (deleteOldestImages): This issue was apparently logged twice. See issue 1206: http://support.dcmtk.org/redmine/issues/1206 Marco Eichelberg

17:49 Bug #1206 (Closed): Remote Heap Buffer Overflow in dcmqrscp: Marco Eichelberg
17:48 Bug #1206: Remote Heap Buffer Overflow in dcmqrscp: Closed by commit #0f78a4ef6.
Marco Eichelberg
17:46 Bug #1206 (Closed): Remote Heap Buffer Overflow in dcmqrscp: In the function @deleteOldestImages()@ , an array named @StudyArray@ is allocated on the heap with a fixed size of @M... Marco Eichelberg
14:21 Bug #1205 (New): Building of a single shared library fails: As stated in the current INSTALL file, it should be possible to build DCMTK as a single shared library:
>>
Addition... Harald Roesen
13:49 Bug #1082 (Resolved): Possible memory leak in DcmDataset copy constructor: The example code given at https://forum.dcmtk.org/viewtopic.php?p=21813&sid=3600048928a3e7a38dc572191c13a3d6#p21813 s... Harald Roesen

Also available in: Atom

DCMTK