pool/dcmtk
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

base: pool:leap-16.0
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1
..
compare: pool:factory
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1

6 Commits
leap-16.0 ... factory

Author SHA256 Message Date
Ana Guerrero
d4fb3533e4 Accepting request 1325262 from KDE:Extra 
- Update to 3.7.0. See docs/CHANGES.370 for the full list of changes
  * Fixes CVE-2025-14841 / boo#1255292
  * Fixes CVE-2025-14607 / boo#1255464
- Drop patches, merged upstream:
  * 0001-Added-check-to-make-sure-HighBit-BitsAllocated.patch
  * 0001-Fixed-issue-rendering-invalid-monochrome-image.patch
  * 0001-Fixed-another-issue-with-invalid-mono-images.patch
  * 0001-Replaced-call-of-delete-by-delete.patch
  * 0001-Fixed-another-issue-with-invalid-DICOM-images.patch
  * 0001-Fixed-issue-with-invalid-RLE-compressed-DICOM-images.patch
  * CVE-2025-2357.patch
  * CVE-2025-9732.patch

- Add patch to avoid unnecessary dependencies (boo#1254123):
  * 0001-dcmimage-Link-privately-to-libtiff-and-libpng.patch

OBS-URL: https://build.opensuse.org/request/show/1325262
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dcmtk?expand=0&rev=36
 2026-01-05 13:52:42 +00:00
Christophe Marin
6a17e471db OBS-URL: https://build.opensuse.org/package/show/KDE:Extra/dcmtk?expand=0&rev=108 2026-01-04 13:06:13 +00:00
Christophe Marin
7c5ae0880b Update to 3.7.0 
OBS-URL: https://build.opensuse.org/package/show/KDE:Extra/dcmtk?expand=0&rev=107
 2026-01-04 10:27:11 +00:00
Christophe Marin
3316ef937a RFC. If it looks good I'll make an upstream PR. 
- Add patch to avoid unnecessary dependencies (boo#1254123):
  * 0001-dcmimage-Link-privately-to-libtiff-and-libpng.patch

OBS-URL: https://build.opensuse.org/package/show/KDE:Extra/dcmtk?expand=0&rev=106
 2026-01-04 10:11:57 +00:00
Ana Guerrero
712786f580 Accepting request 1302162 from KDE:Extra 
- Add upstream change (CVE-2025-9732, boo#1248995)
  * CVE-2025-9732.patch

OBS-URL: https://build.opensuse.org/request/show/1302162
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dcmtk?expand=0&rev=35
 2025-09-01 15:18:21 +00:00
Christophe Marin
12934b1da2 CVE-2025-9732 
OBS-URL: https://build.opensuse.org/package/show/KDE:Extra/dcmtk?expand=0&rev=104
 2025-09-01 08:40:21 +00:00
13 changed files with 70 additions and 333 deletions
Expand all files Collapse all files

55
0001-Added-check-to-make-sure-HighBit-BitsAllocated.patch
View File

@@ -1,55 +0,0 @@
From 03e851b0586d05057c3268988e180ffb426b2e03 Mon Sep 17 00:00:00 2001
From: Joerg Riesmeier <dicom@jriesmeier.com>
Date: Fri, 3 Jan 2025 16:08:44 +0100
Subject: [PATCH] Added check to make sure: HighBit < BitsAllocated.
Added check to the image preprocessing to make sure that the value of
HighBit is always less than the value of BitsAllocated. Before, this
missing check could lead to memory corruption if an invalid combination
of values was retrieved from a malformed DICOM dataset.
Thanks to Emmanuel Tacheau from the Cisco Talos team
<vulndiscovery@external.cisco.com> for the report, sample file (PoC)
and detailed analysis. See TALOS-2024-2121 and CVE-2024-52333.
---
dcmimgle/libsrc/diimage.cc | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/dcmimgle/libsrc/diimage.cc b/dcmimgle/libsrc/diimage.cc
index 480235e3b..1827ac68b 100644
--- a/dcmimgle/libsrc/diimage.cc
+++ b/dcmimgle/libsrc/diimage.cc
@@ -1,6 +1,6 @@
/*
*
- * Copyright (C) 1996-2024, OFFIS e.V.
+ * Copyright (C) 1996-2025, OFFIS e.V.
* All rights reserved. See COPYRIGHT file for details.
*
* This software and supporting documentation were developed by
@@ -549,12 +549,18 @@ void DiImage::convertPixelData()
{
const unsigned long fsize = OFstatic_cast(unsigned long, Rows) * OFstatic_cast(unsigned long, Columns) *
OFstatic_cast(unsigned long, SamplesPerPixel);
- if ((BitsAllocated < 1) || (BitsStored < 1) || (BitsAllocated < BitsStored) ||
- (BitsStored > OFstatic_cast(Uint16, HighBit + 1)))
+ if ((BitsAllocated < 1) || (BitsStored < 1))
{
ImageStatus = EIS_InvalidValue;
- DCMIMGLE_ERROR("invalid values for 'BitsAllocated' (" << BitsAllocated << "), "
- << "'BitsStored' (" << BitsStored << ") and/or 'HighBit' (" << HighBit << ")");
+ DCMIMGLE_ERROR("invalid value(s) for 'BitsAllocated' (" << BitsAllocated << "), "
+ << "and/or 'BitsStored' (" << BitsStored << ")");
+ return;
+ }
+ else if ((BitsAllocated < BitsStored) || (BitsAllocated <= HighBit) || ((BitsStored - 1) > HighBit))
+ {
+ ImageStatus = EIS_InvalidValue;
+ DCMIMGLE_ERROR("invalid combination of values for 'BitsAllocated' (" << BitsAllocated << "), "
+ << "'BitsStored' (" << BitsStored << ") and 'HighBit' (" << HighBit << ")");
return;
}
else if ((evr == EVR_OB) && (BitsStored <= 8))
--
2.47.1

41
0001-Fixed-another-issue-with-invalid-DICOM-images.patch
View File

@@ -1,41 +0,0 @@
From 8d66178e559e53ce8658ff671a68b6462865b0d5 Mon Sep 17 00:00:00 2001
From: Joerg Riesmeier <dicom@jriesmeier.com>
Date: Tue, 21 Jan 2025 11:12:28 +0100
Subject: [PATCH] Fixed another issue with invalid DICOM images.
Fixed issue when processing an invalid DICOM image where the number of
pixels stored does not match the expected number of pixels (too less)
and the combination of BitsAllocated and BitsStored is really unusual
(e.g. 1 bit stored, but 52 bits allocated). In cases where the last
pixel (e.g. a single bit) does not fit into the buffer of the input
pixel data, a buffer overflow occurred on the heap. Now, the last entry
of the buffer is filled with the smallest possible value (e.g. 0 in case
of unsigned data).
Thanks to Ding zhengzheng <xiaozheng.ding399@gmail.com> for the report
and the sample file (PoC).
---
dcmimgle/include/dcmtk/dcmimgle/diinpxt.h | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/dcmimgle/include/dcmtk/dcmimgle/diinpxt.h b/dcmimgle/include/dcmtk/dcmimgle/diinpxt.h
index 6a37c2d..420e73c 100644
--- a/dcmimgle/include/dcmtk/dcmimgle/diinpxt.h
+++ b/dcmimgle/include/dcmtk/dcmimgle/diinpxt.h
@@ -643,6 +643,13 @@ class DiInputPixelTemplate
skip -= times * bitsof_T1;
}
}
+ /* fill the remaining entry (if any) with the smallest value that is possible */
+ if (q < Data + Count)
+ {
+ DCMIMGLE_TRACE("not enough data, filling last entry of input buffer with value = " << getAbsMinimum());
+ *q = OFstatic_cast(T2, getAbsMinimum());
+ }
+
}
} else
DCMIMGLE_DEBUG("cannot allocate memory buffer for 'Data' in DiInputPixelTemplate::convert()");
--
2.48.1

54
0001-Fixed-another-issue-with-invalid-mono-images.patch
View File

@@ -1,54 +0,0 @@
From 410ffe2019b9db6a8f4036daac742a6f5e4d36c2 Mon Sep 17 00:00:00 2001
From: Joerg Riesmeier <dicom@jriesmeier.com>
Date: Fri, 17 Jan 2025 17:53:50 +0100
Subject: [PATCH] Fixed another issue with invalid mono images.
Fixed issue when rendering an invalid monochrome DICOM image where the
number of pixels stored does not match the expected number of pixels.
In this case, only a single pixel is processed, but the pixel matrix is
much larger. Filling the rest of the pixel matrix with the smallest
possible value for the image is not working because of an optimized
memory usage (value would be out of range). Now, the pixel value to be
used is double-checked before it is actually filled into the "background"
of the image.
Thanks to Ding zhengzheng <xiaozheng.ding399@gmail.com> for the report
and the sample file (PoC).
---
dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h b/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h
index 50389a540..f67967310 100644
--- a/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h
+++ b/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h
@@ -28,6 +28,7 @@
#include "dcmtk/ofstd/ofbmanip.h"
#include "dcmtk/ofstd/ofcast.h"
#include "dcmtk/ofstd/ofdiag.h" /* for DCMTK_DIAGNOSTIC macros */
+#include "dcmtk/ofstd/oflimits.h" /* for OFnumeric_limits<> */
#include "dcmtk/dcmimgle/dimopxt.h"
#include "dcmtk/dcmimgle/diinpx.h"
@@ -72,9 +73,16 @@ class DiMonoInputPixelTemplate
rescale(pixel); // "copy" or reference pixel data
this->determineMinMax(OFstatic_cast(T3, this->Modality->getMinValue()), OFstatic_cast(T3, this->Modality->getMaxValue()));
}
- /* erase empty part of the buffer (= fill the background with the smallest possible value) */
+ /* erase empty part of the buffer */
if ((this->Data != NULL) && (this->InputCount < this->Count))
- OFBitmanipTemplate<T3>::setMem(this->Data + this->InputCount, OFstatic_cast(T3, this->Modality->getAbsMinimum()), this->Count - this->InputCount);
+ {
+ /* that means, fill the background with the smallest value that is possible */
+ const T3 minOut = OFnumeric_limits<T3>::min();
+ const T3 background = (this->Modality->getAbsMinimum() < OFstatic_cast(double, minOut)) ? minOut : OFstatic_cast(T3, this->Modality->getAbsMinimum());
+ const size_t count = (this->Count - this->InputCount);
+ DCMIMGLE_DEBUG("filing empty part of the intermediate pixel data (" << count << " pixels) with value = " << OFstatic_cast(double, background));
+ OFBitmanipTemplate<T3>::setMem(this->Data + this->InputCount, background, count);
+ }
}
}
--
2.48.1

39
0001-Fixed-issue-rendering-invalid-monochrome-image.patch
View File

@@ -1,39 +0,0 @@
From 89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6 Mon Sep 17 00:00:00 2001
From: Joerg Riesmeier <dicom@jriesmeier.com>
Date: Sat, 11 Jan 2025 17:59:39 +0100
Subject: [PATCH] Fixed issue rendering invalid monochrome image.
Fixed issue when rendering an invalid monochrome DICOM image where the
number of pixels stored does not match the expected number of pixels.
If the stored number is less than the expected number, the rest of the
pixel matrix for the intermediate representation was always filled with
the value 0. Under certain, very rare conditions, this could result in
memory problems reported by an Address Sanitizer (ASAN). Now, the rest
of the matrix is filled with the smallest possible value for the image.
Thanks to Emmanuel Tacheau from the Cisco Talos team
<vulndiscovery@external.cisco.com> for the original report, the sample
file (PoC) and further details. See TALOS-2024-2122 and CVE-2024-47796.
---
dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h b/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h
index e749a6b16..50389a540 100644
--- a/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h
+++ b/dcmimgle/include/dcmtk/dcmimgle/dimoipxt.h
@@ -72,9 +72,9 @@ class DiMonoInputPixelTemplate
rescale(pixel); // "copy" or reference pixel data
this->determineMinMax(OFstatic_cast(T3, this->Modality->getMinValue()), OFstatic_cast(T3, this->Modality->getMaxValue()));
}
- /* erase empty part of the buffer (= blacken the background) */
+ /* erase empty part of the buffer (= fill the background with the smallest possible value) */
if ((this->Data != NULL) && (this->InputCount < this->Count))
- OFBitmanipTemplate<T3>::zeroMem(this->Data + this->InputCount, this->Count - this->InputCount);
+ OFBitmanipTemplate<T3>::setMem(this->Data + this->InputCount, OFstatic_cast(T3, this->Modality->getAbsMinimum()), this->Count - this->InputCount);
}
}
--
2.47.1

42
0001-Fixed-issue-with-invalid-RLE-compressed-DICOM-images.patch
View File

@@ -1,42 +0,0 @@
From 9749a73aaf1cbb4a46b730214f559fc8a6891597 Mon Sep 17 00:00:00 2001
From: Marco Eichelberg <eichelberg@offis.de>
Date: Thu, 23 Jan 2025 15:51:21 +0100
Subject: [PATCH] Fixed issue with invalid RLE compressed DICOM images.
Fixed issue when processing an RLE compressed image where the RLE header
contains an invalid stripe size.
Thanks to Ding zhengzheng <xiaozheng.ding399@gmail.com> for the report
and the sample file (PoC).
---
dcmdata/libsrc/dcrleccd.cc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/dcmdata/libsrc/dcrleccd.cc b/dcmdata/libsrc/dcrleccd.cc
index fd01b63..e45ef0c 100644
--- a/dcmdata/libsrc/dcrleccd.cc
+++ b/dcmdata/libsrc/dcrleccd.cc
@@ -1,6 +1,6 @@
/*
*
- * Copyright (C) 2002-2024, OFFIS e.V.
+ * Copyright (C) 2002-2025, OFFIS e.V.
* All rights reserved. See COPYRIGHT file for details.
*
* This software and supporting documentation were developed by
@@ -348,6 +348,12 @@ OFCondition DcmRLECodecDecoder::decode(
} /* while */
// last fragment for this RLE stripe
+ if (inputBytes + byteOffset > fragmentLength)
+ {
+ DCMDATA_ERROR("stream size in RLE header is wrong");
+ inputBytes = fragmentLength-byteOffset;
+ }
+
result = rledecoder.decompress(rleData + byteOffset, OFstatic_cast(size_t, inputBytes));
// special handling for zero pad byte at the end of the RLE stream
--
2.48.1

27
0001-Replaced-call-of-delete-by-delete.patch
View File

@@ -1,27 +0,0 @@
From f192e0cd43af21021454a69016c565b89bfd8e90 Mon Sep 17 00:00:00 2001
From: Joerg Riesmeier <dicom@jriesmeier.com>
Date: Sat, 11 Jan 2025 17:47:15 +0100
Subject: [PATCH] Replaced call of delete by delete[].
This issue has been reported by the gcc address sanitizer (using option
-fsanitize=address).
---
dcmimgle/libsrc/diimage.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dcmimgle/libsrc/diimage.cc b/dcmimgle/libsrc/diimage.cc
index 1827ac68b..0f5258758 100644
--- a/dcmimgle/libsrc/diimage.cc
+++ b/dcmimgle/libsrc/diimage.cc
@@ -889,7 +889,7 @@ int DiImage::writeBMP(FILE *stream,
result = 1;
}
/* delete pixel data */
- delete OFstatic_cast(char *, data); // type cast necessary to avoid compiler warnings using gcc >2.95
+ delete[] OFstatic_cast(char *, data);
}
return result;
}
--
2.47.1

25
0001-dcmimage-Link-privately-to-libtiff-and-libpng.patch Normal file
View File

@@ -0,0 +1,25 @@
From 2f51702b80a72eaba041bfef19cd93c009bc1fc8 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fvogt@suse.de>
Date: Wed, 26 Nov 2025 15:36:29 +0100
Subject: [PATCH] dcmimage: Link privately to libtiff and libpng
Those are not used by the interface.
---
dcmimage/libsrc/CMakeLists.txt | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dcmimage/libsrc/CMakeLists.txt b/dcmimage/libsrc/CMakeLists.txt
index 8f2c76cc9441..44e866a07579 100644
--- a/dcmimage/libsrc/CMakeLists.txt
+++ b/dcmimage/libsrc/CMakeLists.txt
@@ -24,5 +24,5 @@ DCMTK_ADD_LIBRARY(dcmimage
diyp2img.cc
)
-DCMTK_TARGET_LINK_MODULES(dcmimage oflog dcmdata dcmimgle)
-DCMTK_TARGET_LINK_LIBRARIES(dcmimage ${LIBTIFF_LIBS} ${LIBPNG_LIBS})
+DCMTK_TARGET_LINK_MODULES(dcmimage PUBLIC oflog dcmdata dcmimgle)
+DCMTK_TARGET_LINK_LIBRARIES(dcmimage PRIVATE ${LIBTIFF_LIBS} ${LIBPNG_LIBS})
--
2.51.1

49
CVE-2025-2357.patch
View File

@@ -1,49 +0,0 @@
From 69a6690db71927e02a6fb6ee655cb449f0431466 Mon Sep 17 00:00:00 2001
From: Marco Eichelberg <eichelberg@offis.de>
Date: Mon, 3 Mar 2025 12:33:18 +0100
Subject: [PATCH] Fixed segfault in JPEG-LS decoder.
Fixed a bug in the JPEG-LS decoder that led to a segmentation fault if invalid
input data was processed, due to insufficient validation of input data.
Thanks to Ding zhengzheng <xiaozheng.ding399@gmail.com> for the report
and the sample file (PoC).
This closes DCMTK issue #1155.
---
dcmjpls/libcharls/scan.h | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/dcmjpls/libcharls/scan.h b/dcmjpls/libcharls/scan.h
index b4dea20..d6dfa5a 100644
--- a/dcmjpls/libcharls/scan.h
+++ b/dcmjpls/libcharls/scan.h
@@ -629,14 +629,24 @@ void JlsCodec<TRAITS,STRATEGY>::DoLine(SAMPLE*)
LONG index = 0;
LONG Rb = _previousLine[index-1];
LONG Rd = _previousLine[index];
+ LONG RANGE_UPPER = 1 << traits.bpp;
+ LONG RANGE_LOWER = - RANGE_UPPER;
while(index < _width)
- {
+ {
LONG Ra = _currentLine[index -1];
LONG Rc = Rb;
Rb = Rd;
Rd = _previousLine[index + 1];
+ // make sure that values are not out of range
+ if ( (Rd - Rb < RANGE_LOWER) || (Rd - Rb > RANGE_UPPER)
+ || (Rb - Rc < RANGE_LOWER) || (Rb - Rc > RANGE_UPPER)
+ || (Rc - Ra < RANGE_LOWER) || (Rc - Ra > RANGE_UPPER))
+ {
+ throw JlsException(InvalidCompressedData);
+ }
+
LONG Qs = ComputeContextID(QuantizeGratient(Rd - Rb), QuantizeGratient(Rb - Rc), QuantizeGratient(Rc - Ra));
if (Qs != 0)
--
2.48.1

3
dcmtk-3.6.9.tar.gz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b93ff5561244916a6e1e7e3ecccf2e26e6932c4edb5961268401cea7d4ab9c16
size 9628334

3
dcmtk-3.7.0.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f103df876040a4f904f01d2464f7868b4feb659d8cd3f46a5f1f61aa440be415
size 9735627

9
dcmtk-fix-DCMTKTargets.cmake.patch
View File

@@ -1,4 +1,4 @@
From 6bb5b2b2865b4b57a80d5f801a43453918666d99 Mon Sep 17 00:00:00 2001
From 67419b8bd14ad1f559312d8b3cf5827185a91554 Mon Sep 17 00:00:00 2001
From: Christophe Giboudeaux <christophe@krop.fr>
Date: Sat, 23 Jul 2022 09:21:38 +0200
Subject: [PATCH] Don't add executables to exported CMake targets
@@ -25,10 +25,10 @@ index b4f44e4..0e3cc3c 100644
# Get and store libraries to DCMTKTargets.cmake within the build's main dir
get_property(DCMTK_LIBRARY_TARGETS GLOBAL PROPERTY DCMTK_LIBRARY_TARGETS)
diff --git a/CMake/dcmtkMacros.cmake b/CMake/dcmtkMacros.cmake
index bd35469..b318a56 100644
index 4ba6845..c669d63 100644
--- a/CMake/dcmtkMacros.cmake
+++ b/CMake/dcmtkMacros.cmake
@@ -63,7 +63,7 @@ macro(DCMTK_ADD_EXECUTABLE PROGRAM)
@@ -66,7 +66,7 @@ macro(DCMTK_ADD_EXECUTABLE PROGRAM)
# declare installation files, also export DCMTKTargets.cmake
install(TARGETS ${PROGRAM}
@@ -37,3 +37,6 @@ index bd35469..b318a56 100644
COMPONENT bin
DESTINATION ${CMAKE_INSTALL_BINDIR})
endif()
--
2.52.0

28
dcmtk.changes
View File

@@ -1,3 +1,31 @@
-------------------------------------------------------------------
Sun Jan 4 10:12:31 UTC 2026 - Christophe Marin <christophe@krop.fr>
- Update to 3.7.0. See docs/CHANGES.370 for the full list of changes
* Fixes CVE-2025-14841 / boo#1255292
* Fixes CVE-2025-14607 / boo#1255464
- Drop patches, merged upstream:
* 0001-Added-check-to-make-sure-HighBit-BitsAllocated.patch
* 0001-Fixed-issue-rendering-invalid-monochrome-image.patch
* 0001-Fixed-another-issue-with-invalid-mono-images.patch
* 0001-Replaced-call-of-delete-by-delete.patch
* 0001-Fixed-another-issue-with-invalid-DICOM-images.patch
* 0001-Fixed-issue-with-invalid-RLE-compressed-DICOM-images.patch
* CVE-2025-2357.patch
* CVE-2025-9732.patch
-------------------------------------------------------------------
Wed Nov 26 14:38:25 UTC 2025 - Fabian Vogt <fvogt@suse.com>
- Add patch to avoid unnecessary dependencies (boo#1254123):
* 0001-dcmimage-Link-privately-to-libtiff-and-libpng.patch
-------------------------------------------------------------------
Mon Sep 1 08:22:33 UTC 2025 - Christophe Marin <christophe@krop.fr>
- Add upstream change (CVE-2025-9732, boo#1248995)
* CVE-2025-9732.patch
-------------------------------------------------------------------
Mon Mar 17 10:31:13 UTC 2025 - Christophe Marin <christophe@krop.fr>

28
dcmtk.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package dcmtk
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,28 +16,18 @@
#
%define abiversion 19
%define abiversion 20
Name: dcmtk
Version: 3.6.9
Version: 3.7.0
Release: 0
Summary: DICOM Toolkit
License: Apache-2.0 AND BSD-3-Clause
URL: https://dicom.offis.de/dcmtk.php.en
Source0: https://dicom.offis.de/download/dcmtk/dcmtk369/%{name}-%{version}.tar.gz
Source0: https://dicom.offis.de/download/dcmtk/dcmtk370/%{name}-%{version}.tar.gz
# PATCH-FIX-OPENSUSE dcmtk-fix-DCMTKTargets.cmake.patch -- Do not track executables to be able to use dcmtk-devel without dcmtk package
Patch0: dcmtk-fix-DCMTKTargets.cmake.patch
# PATCH-FIX-UPSTREAM
Patch1: 0001-Added-check-to-make-sure-HighBit-BitsAllocated.patch
Patch2: 0001-Replaced-call-of-delete-by-delete.patch
Patch3: 0001-Fixed-issue-rendering-invalid-monochrome-image.patch
# CVE-2025-25472
Patch4: 0001-Fixed-another-issue-with-invalid-mono-images.patch
# CVE-2025-25474
Patch5: 0001-Fixed-another-issue-with-invalid-DICOM-images.patch
# CVE-2025-25475
Patch6: 0001-Fixed-issue-with-invalid-RLE-compressed-DICOM-images.patch
# CVE-2025-2357
Patch7: CVE-2025-2357.patch
Patch1: 0001-dcmimage-Link-privately-to-libtiff-and-libpng.patch
BuildRequires: cmake
BuildRequires: doxygen
BuildRequires: fdupes
@@ -65,7 +55,6 @@ Requires: libdcmtk%{abiversion} = %{version}
Requires: tcpd-devel
Requires: pkgconfig(libjpeg)
Requires: pkgconfig(libopenjp2)
Requires: pkgconfig(libpng)
Requires: pkgconfig(libxml-2.0)
%description devel
@@ -74,8 +63,6 @@ software using dcmtk.
%package -n libdcmtk%{abiversion}
Summary: DICOM Toolkit
Provides: libdcmtk3_6 = %{version}
Obsoletes: libdcmtk3_6 < %{version}
%description -n libdcmtk%{abiversion}
DCMTK is a collection of libraries and applications implementing large
@@ -111,7 +98,8 @@ install -pm 0644 README %{buildroot}%{_docdir}/dcmtk/
%fdupes %{buildroot}
%check
%ctest
# dcmect_roundtrip fails on s390x
%ctest --exclude-regex 'dcmect_roundtrip'
%ldconfig_scriptlets -n libdcmtk%{abiversion}
@@ -134,6 +122,6 @@ install -pm 0644 README %{buildroot}%{_docdir}/dcmtk/
%files -n libdcmtk%{abiversion}
%license COPYRIGHT
%{_libdir}/*.so.%{abiversion}
%{_libdir}/*.so.%{abiversion}.3.6*
%{_libdir}/*.so.%{abiversion}.3.7*
%changelog