On Fri, Sep 13, 2019 23:20:50 +0900, Mamoru TASAKA wrote:
Ankur Sinha wrote on 2019/09/13 23:07:
Well, actually some google search result is that the actual fix seems
https://github.com/commontk/DCMTK/commit/40917614e
and the tracker is
https://support.dcmtk.org/redmine/issues/858
ref:
https://nvd.nist.gov/vuln/detail/CVE-2019-1010228
So it seems if the above patch only can be applied, no rebuild is
needed.
Sure, I could do that---would that be the suggested thing to do?
Given that we have evidence that the dependent tools build properly,
this is a low risk update. So, I was hoping to update to the current
version to also give users the advantage of other fixes/enhancements
than carry a patch for the one fix---especially for F30 which still has
quite a life to live.
--
Thanks,
Regards,
Ankur Sinha "FranciscoD" (He / Him / His) |
https://fedoraproject.org/wiki/User:Ankursinha
Time zone: Europe/London