[med-svn] r16342 - in trunk/packages/dcmtk/branches/experimental/debian: . patches
Mathieu Malaterre
malat at moszumanska.debian.org
Thu Feb 27 16:38:10 UTC 2014
Author: malat
Date: 2014-02-27 16:38:10 +0000 (Thu, 27 Feb 2014)
New Revision: 16342
Removed:
trunk/packages/dcmtk/branches/experimental/debian/patches/setuid.patch
Modified:
trunk/packages/dcmtk/branches/experimental/debian/changelog
trunk/packages/dcmtk/branches/experimental/debian/copyright
trunk/packages/dcmtk/branches/experimental/debian/patches/series
trunk/packages/dcmtk/branches/experimental/debian/patches/setuid2.patch
Log:
prepare next upload
Modified: trunk/packages/dcmtk/branches/experimental/debian/changelog
===================================================================
--- trunk/packages/dcmtk/branches/experimental/debian/changelog 2014-02-27 16:32:08 UTC (rev 16341)
+++ trunk/packages/dcmtk/branches/experimental/debian/changelog 2014-02-27 16:38:10 UTC (rev 16342)
@@ -1,3 +1,11 @@
+dcmtk (3.6.1~20131114-6) experimental; urgency=low
+
+ * Remove non-ASCII char. Closes: #732673
+ * Fix setuid return value. Closes: #731434
+ * Update old copyright. Closes: #732672
+
+ -- Mathieu Malaterre <malat at debian.org> Thu, 27 Feb 2014 17:33:18 +0100
+
dcmtk (3.6.1~20131114-5) experimental; urgency=low
* Increase timeout a little to fix issue on s390x
Modified: trunk/packages/dcmtk/branches/experimental/debian/copyright
===================================================================
--- trunk/packages/dcmtk/branches/experimental/debian/copyright 2014-02-27 16:32:08 UTC (rev 16341)
+++ trunk/packages/dcmtk/branches/experimental/debian/copyright 2014-02-27 16:38:10 UTC (rev 16342)
@@ -1,6 +1,9 @@
This package was debianized by Juergen Salk <juergen.salk at gmx.de> on
Tue, 20 Dec 2005 23:06:31 +0100
+It has been updated by Mathieu Malaterre <malat at debian.org> on
+Tue, 08 Feb 2011 19:12:12 +0100
+
It was downloaded from ftp://dicom.offis.de/pub/dicom/offis/software/dcmtk
Upstream Author: OFFIS DICOM Team <dicom at offis.de>
@@ -11,34 +14,52 @@
following copyright:
/*
- * Copyright (C) 1994-2004, OFFIS
+ * Copyright (C) 1994-2011, OFFIS e.V.
+ * All rights reserved.
*
* This software and supporting documentation were developed by
*
- * Kuratorium OFFIS e.V.
- * Healthcare Information and Communication Systems
+ * OFFIS e.V.
+ * R&D Division Health
* Escherweg 2
- * D-26121 Oldenburg, Germany
+ * 26121 Oldenburg, Germany
*
- * THIS SOFTWARE IS MADE AVAILABLE, AS IS, AND OFFIS MAKES NO WARRANTY
- * REGARDING THE SOFTWARE, ITS PERFORMANCE, ITS MERCHANTABILITY OR
- * FITNESS FOR ANY PARTICULAR USE, FREEDOM FROM ANY COMPUTER DISEASES OR
- * ITS CONFORMITY TO ANY SPECIFICATION. THE ENTIRE RISK AS TO QUALITY AND
- * PERFORMANCE OF THE SOFTWARE IS WITH THE USER.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
*
- * Copyright of the software and supporting documentation is, unless
- * otherwise stated, owned by OFFIS, and free access is hereby granted as
- * a license to use this software, copy this software and prepare
- * derivative works based upon this software. However, any distribution
- * of this software source code or supporting documentation or derivative
- * works (source code and supporting documentation) must include the
- * three paragraphs of this copyright notice.
+ * - Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
*
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of OFFIS nor the names of its contributors may be
+ * used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
*/
+Please note that some DCMTK modules, especially those that are not part
+of the free toolkit, are covered by a separate license which can be found
+in the COPYRIGHT file in the corresponding module directory.
+
Some portions of the DCMTK software package are derived from earlier
versions of this software with the following copyright, and can be
-identifed by the following copyright notice located in each source file:
+identified by the following copyright notice located in each source file:
/*
* Copyright (C) 1993/1994, OFFIS, Oldenburg University and CERIUM
@@ -87,12 +108,12 @@
*
*/
-Some other parts of this software within the dcmtk/dcmnet
-sub-package related to the DICOM Upper Layer Protocol are
-derived from software developed for the RSNA'93 DICOM
-demonstration and kindly made available to us by the Mallinckrodt
-Institute of Radiology. Such software can be identifed by the
-following copyright notice located in each affected source file:
+Some other parts of this software within the dcmtk/dcmnet sub-package
+related to the DICOM Upper Layer Protocol are derived from software
+developed for the RSNA'93 DICOM demonstration and kindly made available
+to us by the Mallinckrodt Institute of Radiology. Such software can be
+identified by the following copyright notice located in each affected
+source file:
/*
* Copyright (C) 1993, RSNA and Washington University
@@ -126,8 +147,8 @@
* the copyright notice.
*/
-The dcmjpeg sub-package includes an adapted version of the Independent JPEG
-Group Toolkit Version 6b, which is contained in dcmjpeg/libijg8,
+The dcmjpeg sub-package includes an adapted version of the Independent
+JPEG Group Toolkit Version 6b, which is contained in dcmjpeg/libijg8,
dcmjpeg/libijg12 and dcmjpeg/libijg16. This toolkit is covered by the
following copyright. The original README file for the Independent JPEG
Group Toolkit is located in dcmjpeg/docs/ijg_readme.txt.
@@ -169,10 +190,25 @@
* assumed by the product vendor.
*/
+The code for the interpolatePixel() image scaling algorithm in module
+dcmimgle has been derived from code written by Jef Poskanzer for the
+"Extended Portable Bitmap Toolkit" (pbmplus10dec91) which has the
+following copyright:
+/*
+ * Copyright (C) 1991 by Jef Poskanzer.
+ *
+ * Permission to use, copy, modify, and distribute this software and its
+ * documentation for any purpose and without fee is hereby granted, provided
+ * that the above copyright notice appear in all copies and that both that
+ * copyright notice and this permission notice appear in supporting
+ * documentation. This software is provided "as is" without express or
+ * implied warranty.
+ */
+
The color quantization code in module dcmimage (dcmquant and the related
-classes) is derived from code written by Jef Poskanzer for the NetPBM
-toolkit which has the following copyright:
+classes) has been derived from code written by Jef Poskanzer for the
+NetPBM toolkit which has the following copyright:
/*
* Copyright (C) 1989, 1991 by Jef Poskanzer.
@@ -185,7 +221,6 @@
* implied warranty.
*/
-
The code for the OFStandard::strlcpy and OFStandard::strlcat helper
functions in ofstd/libsrc/ofstd.cc has been derived from the BSD
implementation of strlcpy() and strlcat() and which carries the
@@ -218,11 +253,10 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+The code for the OFStandard::atof helper function in ofstd/libsrc/ofstd.cc
+has been derived from an implementation which carries the following
+copyright notice:
-The code for the OFStandard::atof helper function in
-ofstd/libsrc/ofstd.cc has been derived from an implementation which
-carries the following copyright notice:
-
/*
* Copyright 1988 Regents of the University of California
* Permission to use, copy, modify, and distribute this software and
@@ -262,59 +296,87 @@
* provided the authors copyright notice remains intact.
*/
-The dcmjp2k sub-package (which is currently not part of the free
-toolkit) includes an adapted version of the JasPer JPEG 2000 toolkit,
-which is contained in dcmjp2k/libjaspr. This toolkit is covered by
-the following copyright.
+The oflog sub-package is based on the log4cplus library which is covered by
+the following two copyright notices (for details see oflog/docs/LICENSE):
-/* JasPer License Version 2.0
+/*
+ * Copyright (C) 1999-2009 Contributors to log4cplus project.
+ * All rights reserved.
*
- * Copyright (c) 1999-2000 Image Power, Inc.
- * Copyright (c) 1999-2000 The University of British Columbia
- * Copyright (c) 2001-2003 Michael David Adams
+ * Redistribution and use in source and binary forms, with or without modifica-
+ * tion, are permitted provided that the following conditions are met:
*
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLU-
+ * DING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+// Module: Log4CPLUS
+// File: appender.h
+// Created: 6/2001
+// Author: Tad E. Smith
+//
+//
+// Copyright 2001-2009 Tad E. Smith
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+The dcmjpls sub-package is based on the CharLS library, which is contained
+in dcmjpls/libcharls. This toolkit is covered by the following copyright:
+
+/*
+ * The CharLS library is available under the following license:
+ * -------------------------------------------------------------------------------
+ * Copyright (c) 2007-2010, Jan de Vaan
* All rights reserved.
*
- * Permission is hereby granted, free of charge, to any person (the
- * "User") obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without restriction,
- * including without limitation the rights to use, copy, modify, merge,
- * publish, distribute, and/or sell copies of the Software, and to permit
- * persons to whom the Software is furnished to do so, subject to the
- * following conditions:
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
*
- * 1. The above copyright notices and this permission notice (which
- * includes the disclaimer below) shall be included in all copies or
- * substantial portions of the Software.
+ * * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
*
- * 2. The name of a copyright holder shall not be used to endorse or
- * promote products derived from the Software without specific prior
- * written permission.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
*
- * THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS
- * LICENSE. NO USE OF THE SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER
- * THIS DISCLAIMER. THE SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS
- * "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
- * BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
- * PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO
- * EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
- * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. NO ASSURANCES ARE
- * PROVIDED BY THE COPYRIGHT HOLDERS THAT THE SOFTWARE DOES NOT INFRINGE
- * THE PATENT OR OTHER INTELLECTUAL PROPERTY RIGHTS OF ANY OTHER ENTITY.
- * EACH COPYRIGHT HOLDER DISCLAIMS ANY LIABILITY TO THE USER FOR CLAIMS
- * BROUGHT BY ANY OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL
- * PROPERTY RIGHTS OR OTHERWISE. AS A CONDITION TO EXERCISING THE RIGHTS
- * GRANTED HEREUNDER, EACH USER HEREBY ASSUMES SOLE RESPONSIBILITY TO SECURE
- * ANY OTHER INTELLECTUAL PROPERTY RIGHTS NEEDED, IF ANY. THE SOFTWARE
- * IS NOT FAULT-TOLERANT AND IS NOT INTENDED FOR USE IN MISSION-CRITICAL
- * SYSTEMS, SUCH AS THOSE USED IN THE OPERATION OF NUCLEAR FACILITIES,
- * AIRCRAFT NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL
- * SYSTEMS, DIRECT LIFE SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH
- * THE FAILURE OF THE SOFTWARE OR SYSTEM COULD LEAD DIRECTLY TO DEATH,
- * PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE ("HIGH
- * RISK ACTIVITIES"). THE COPYRIGHT HOLDERS SPECIFICALLY DISCLAIM ANY
- * EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR HIGH RISK ACTIVITIES.
+ * * Neither the name of my employer, nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
Modified: trunk/packages/dcmtk/branches/experimental/debian/patches/series
===================================================================
--- trunk/packages/dcmtk/branches/experimental/debian/patches/series 2014-02-27 16:32:08 UTC (rev 16341)
+++ trunk/packages/dcmtk/branches/experimental/debian/patches/series 2014-02-27 16:38:10 UTC (rev 16342)
@@ -8,7 +8,7 @@
#spelling.patch
#ofstd_markup_6.patch
warn_unused_result.patch
-setuid.patch
+setuid2.patch
import_git.patch
timeout.patch
tpool_fix.patch
Deleted: trunk/packages/dcmtk/branches/experimental/debian/patches/setuid.patch
===================================================================
--- trunk/packages/dcmtk/branches/experimental/debian/patches/setuid.patch 2014-02-27 16:32:08 UTC (rev 16341)
+++ trunk/packages/dcmtk/branches/experimental/debian/patches/setuid.patch 2014-02-27 16:38:10 UTC (rev 16342)
@@ -1,109 +0,0 @@
-Description: fix issue with setuid
-Author: Mathieu Malaterre <malat at debian.org>
-Bug-Debian: http://bugs.debian.org/731434
-Forwarded: no
-
---- dcmtk-3.6.1~20131114.orig/dcmpstat/apps/dcmprscp.cc
-+++ dcmtk-3.6.1~20131114/dcmpstat/apps/dcmprscp.cc
-@@ -469,7 +469,11 @@ int main(int argc, char *argv[])
- * and run by another user. Running as root user may be
- * potentially disasterous if this program screws up badly.
- */
-- setuid(getuid());
-+ if( setuid(getuid()) )
-+ {
-+ OFLOG_FATAL(dcmprscpLogger, "cannot setuid");
-+ return 1;
-+ }
- #endif
-
- #ifdef HAVE_FORK
---- dcmtk-3.6.1~20131114.orig/dcmpstat/apps/dcmpsrcv.cc
-+++ dcmtk-3.6.1~20131114/dcmpstat/apps/dcmpsrcv.cc
-@@ -1275,7 +1275,11 @@ int main(int argc, char *argv[])
- * and run by another user. Running as root user may be
- * potentially disasterous if this program screws up badly.
- */
-- setuid(getuid());
-+ if( setuid(getuid()) )
-+{
-+ OFLOG_FATAL(dcmpsrcvLogger, "cannot setuid");
-+ return 1;
-+}
- #endif
-
- #ifdef HAVE_FORK
---- dcmtk-3.6.1~20131114.orig/dcmqrdb/apps/dcmqrscp.cc
-+++ dcmtk-3.6.1~20131114/dcmqrdb/apps/dcmqrscp.cc
-@@ -685,7 +685,11 @@ main(int argc, char *argv[])
- * and run by another user. Running as root user may be
- * potentially disasterous if this program screws up badly.
- */
-- setuid(getuid());
-+ if( setuid(getuid()) )
-+ {
-+ OFLOG_FATAL(dcmqrscpLogger, "cannot setuid" );
-+ return 10;
-+ }
- #endif
-
- #if defined(HAVE_SETUID) && defined(HAVE_GRP_H) && defined(HAVE_PWD_H)
---- dcmtk-3.6.1~20131114.orig/dcmnet/apps/storescp.cc
-+++ dcmtk-3.6.1~20131114/dcmnet/apps/storescp.cc
-@@ -1071,7 +1071,11 @@ int main(int argc, char *argv[])
- * root, and run by another user. Running as root user may be
- * potentially disastrous if this program screws up badly.
- */
-- setuid(getuid());
-+ if( setuid(getuid()) )
-+ {
-+ OFLOG_ERROR(storescpLogger, "cannot setuid" );
-+ return 1;
-+ }
- #endif
-
- #ifdef WITH_OPENSSL
---- dcmtk-3.6.1~20131114.orig/dcmnet/apps/movescu.cc
-+++ dcmtk-3.6.1~20131114/dcmnet/apps/movescu.cc
-@@ -758,7 +758,11 @@ main(int argc, char *argv[])
- * root, and run by another user. Running as root user may be
- * potentially disasterous if this program screws up badly.
- */
-- setuid(getuid());
-+ if( setuid(getuid()) )
-+ {
-+ OFLOG_FATAL(movescuLogger, "cannot setuid " );
-+ return 1;
-+ }
- #endif
-
- /* set up main association */
---- dcmtk-3.6.1~20131114.orig/dcmnet/libsrc/scp.cc
-+++ dcmtk-3.6.1~20131114/dcmnet/libsrc/scp.cc
-@@ -117,7 +117,11 @@ OFCondition DcmSCP::listen()
- // things go very wrong. Only works if the program is setuid root,
- // and run by another user. Running as root user may be
- // potentially disastrous if this program screws up badly.
-- setuid( getuid() );
-+ if( setuid( getuid() ) )
-+ {
-+ DCMNET_ERROR("No privileges for setuid");
-+ return NET_EC_InsufficientPortPrivileges;
-+ }
- #endif
-
- // If we get to this point, the entire initialization process has been completed
---- dcmtk-3.6.1~20131114.orig/dcmwlm/libsrc/wlmactmg.cc
-+++ dcmtk-3.6.1~20131114/dcmwlm/libsrc/wlmactmg.cc
-@@ -246,7 +246,10 @@ OFCondition WlmActivityManager::StartPro
- // things go very wrong. Only works if the program is setuid root,
- // and run by another user. Running as root user may be
- // potentially disasterous if this program screws up badly.
-- setuid( getuid() );
-+ if( setuid( getuid() ) )
-+ {
-+ return( WLM_EC_InitializationOfNetworkConnectionFailed );
-+ }
- #endif
-
- // If we get to this point, the entire initialization process has been completed
Modified: trunk/packages/dcmtk/branches/experimental/debian/patches/setuid2.patch
===================================================================
--- trunk/packages/dcmtk/branches/experimental/debian/patches/setuid2.patch 2014-02-27 16:32:08 UTC (rev 16341)
+++ trunk/packages/dcmtk/branches/experimental/debian/patches/setuid2.patch 2014-02-27 16:38:10 UTC (rev 16342)
@@ -18,38 +18,11 @@
dcmwlm/libsrc/wlmactmg.cc | 6 +++++-
9 files changed, 56 insertions(+), 8 deletions(-)
-diff --git a/CHANGES.361 b/CHANGES.361
-index 7152b64..c7385a2 100644
---- a/CHANGES.361
-+++ b/CHANGES.361
-@@ -1,6 +1,22 @@
-
- Changes between releases are documented here.
-
-+**** Changes from 2014.02.19 (onken)
-+
-+- Make sure to handle setuid() return code properly:
-+ In some tools the return value of setuid() is not checked. In the worst
-+ case this could lead to privilege escalation since the process does not
-+ give up its root privileges and continue as root. Thanks to Hector Marco
-+ <hecmargi at upv.es> for the report.
-+ Affects: dcmnet/apps/movescu.cc
-+ dcmnet/apps/storescp.cc
-+ dcmnet/libsrc/scp.cc
-+ dcmpstat/apps/dcmprscp.cc
-+ dcmpstat/apps/dcmpsrcv.cc
-+ dcmpstat/tests/msgserv.cc
-+ dcmqrdb/apps/dcmqrscp.cc
-+ dcmwlm/libsrc/wlmactmg.cc
-+
- **** Changes from 2014.02.12 (riesmeier)
-
- - Consistently use upper case letters for DICOM tags.
-diff --git a/dcmnet/apps/movescu.cc b/dcmnet/apps/movescu.cc
-index 0e98b7b..811c980 100644
---- a/dcmnet/apps/movescu.cc
-+++ b/dcmnet/apps/movescu.cc
-@@ -758,7 +758,11 @@ main(int argc, char *argv[])
+Index: dcmtk-3.6.1~20131114/dcmnet/apps/movescu.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmnet/apps/movescu.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmnet/apps/movescu.cc 2014-02-27 17:29:13.556616070 +0100
+@@ -758,7 +758,11 @@
* root, and run by another user. Running as root user may be
* potentially disasterous if this program screws up badly.
*/
@@ -62,11 +35,11 @@
#endif
/* set up main association */
-diff --git a/dcmnet/apps/storescp.cc b/dcmnet/apps/storescp.cc
-index 2dfc512..b91f158 100644
---- a/dcmnet/apps/storescp.cc
-+++ b/dcmnet/apps/storescp.cc
-@@ -1071,7 +1071,11 @@ int main(int argc, char *argv[])
+Index: dcmtk-3.6.1~20131114/dcmnet/apps/storescp.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmnet/apps/storescp.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmnet/apps/storescp.cc 2014-02-27 17:29:13.556616070 +0100
+@@ -1071,7 +1071,11 @@
* root, and run by another user. Running as root user may be
* potentially disastrous if this program screws up badly.
*/
@@ -79,11 +52,11 @@
#endif
#ifdef WITH_OPENSSL
-diff --git a/dcmnet/libsrc/scp.cc b/dcmnet/libsrc/scp.cc
-index 3d974b6..cf3d06f 100644
---- a/dcmnet/libsrc/scp.cc
-+++ b/dcmnet/libsrc/scp.cc
-@@ -117,7 +117,11 @@ OFCondition DcmSCP::listen()
+Index: dcmtk-3.6.1~20131114/dcmnet/libsrc/scp.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmnet/libsrc/scp.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmnet/libsrc/scp.cc 2014-02-27 17:29:13.556616070 +0100
+@@ -117,7 +117,11 @@
// things go very wrong. Only works if the program is setuid root,
// and run by another user. Running as root user may be
// potentially disastrous if this program screws up badly.
@@ -96,11 +69,11 @@
#endif
// If we get to this point, the entire initialization process has been completed
-diff --git a/dcmpstat/apps/dcmprscp.cc b/dcmpstat/apps/dcmprscp.cc
-index 5e82165..a6743c8 100644
---- a/dcmpstat/apps/dcmprscp.cc
-+++ b/dcmpstat/apps/dcmprscp.cc
-@@ -469,7 +469,11 @@ int main(int argc, char *argv[])
+Index: dcmtk-3.6.1~20131114/dcmpstat/apps/dcmprscp.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmpstat/apps/dcmprscp.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmpstat/apps/dcmprscp.cc 2014-02-27 17:29:13.556616070 +0100
+@@ -469,7 +469,11 @@
* and run by another user. Running as root user may be
* potentially disasterous if this program screws up badly.
*/
@@ -113,11 +86,11 @@
#endif
#ifdef HAVE_FORK
-diff --git a/dcmpstat/apps/dcmpsrcv.cc b/dcmpstat/apps/dcmpsrcv.cc
-index 7d116bb..20dbf9a 100644
---- a/dcmpstat/apps/dcmpsrcv.cc
-+++ b/dcmpstat/apps/dcmpsrcv.cc
-@@ -1275,7 +1275,11 @@ int main(int argc, char *argv[])
+Index: dcmtk-3.6.1~20131114/dcmpstat/apps/dcmpsrcv.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmpstat/apps/dcmpsrcv.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmpstat/apps/dcmpsrcv.cc 2014-02-27 17:29:13.560616070 +0100
+@@ -1275,7 +1275,11 @@
* and run by another user. Running as root user may be
* potentially disasterous if this program screws up badly.
*/
@@ -130,11 +103,11 @@
#endif
#ifdef HAVE_FORK
-diff --git a/dcmpstat/tests/msgserv.cc b/dcmpstat/tests/msgserv.cc
-index 81181ec..8a0aa12 100644
---- a/dcmpstat/tests/msgserv.cc
-+++ b/dcmpstat/tests/msgserv.cc
-@@ -190,7 +190,11 @@ int main(int argc, char *argv[])
+Index: dcmtk-3.6.1~20131114/dcmpstat/tests/msgserv.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmpstat/tests/msgserv.cc 2013-11-14 15:08:01.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmpstat/tests/msgserv.cc 2014-02-27 17:29:13.560616070 +0100
+@@ -190,7 +190,11 @@
* and run by another user. Running as root user may be
* potentially disasterous if this program screws up badly.
*/
@@ -147,11 +120,11 @@
#endif
fd_set fdset;
-diff --git a/dcmqrdb/apps/dcmqrscp.cc b/dcmqrdb/apps/dcmqrscp.cc
-index 3a0fc0d..74dfbb4 100644
---- a/dcmqrdb/apps/dcmqrscp.cc
-+++ b/dcmqrdb/apps/dcmqrscp.cc
-@@ -685,7 +685,11 @@ main(int argc, char *argv[])
+Index: dcmtk-3.6.1~20131114/dcmqrdb/apps/dcmqrscp.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmqrdb/apps/dcmqrscp.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmqrdb/apps/dcmqrscp.cc 2014-02-27 17:29:13.560616070 +0100
+@@ -685,7 +685,11 @@
* and run by another user. Running as root user may be
* potentially disasterous if this program screws up badly.
*/
@@ -164,11 +137,11 @@
#endif
#if defined(HAVE_SETUID) && defined(HAVE_GRP_H) && defined(HAVE_PWD_H)
-diff --git a/dcmwlm/libsrc/wlmactmg.cc b/dcmwlm/libsrc/wlmactmg.cc
-index d84f0c0..de14739 100644
---- a/dcmwlm/libsrc/wlmactmg.cc
-+++ b/dcmwlm/libsrc/wlmactmg.cc
-@@ -246,7 +246,11 @@ OFCondition WlmActivityManager::StartProvidingService()
+Index: dcmtk-3.6.1~20131114/dcmwlm/libsrc/wlmactmg.cc
+===================================================================
+--- dcmtk-3.6.1~20131114.orig/dcmwlm/libsrc/wlmactmg.cc 2014-02-27 17:28:48.000000000 +0100
++++ dcmtk-3.6.1~20131114/dcmwlm/libsrc/wlmactmg.cc 2014-02-27 17:29:13.560616070 +0100
+@@ -246,7 +246,11 @@
// things go very wrong. Only works if the program is setuid root,
// and run by another user. Running as root user may be
// potentially disasterous if this program screws up badly.
@@ -181,6 +154,3 @@
#endif
// If we get to this point, the entire initialization process has been completed
---
-1.7.2.5
-
More information about the debian-med-commit
mailing list