diff --git a/gdcm b/gdcm index bedf833..be46bd0 160000 --- a/gdcm +++ b/gdcm @@ -1 +1 @@ -Subproject commit bedf8333a7bb65803fa7ecd135862b41d6f3d7a623c89672288a0a6beadca927 +Subproject commit be46bd0032e98d8bc3cbee9845ccba0c1262003f56ac34f626cc68fa4b215a11 diff --git a/orthanc b/orthanc index 12a313f..b1faeb6 160000 --- a/orthanc +++ b/orthanc @@ -1 +1 @@ -Subproject commit 12a313f7542a49b388ca20da2c8c6a4c319b6a2555dad08809b699c3c981cf8c +Subproject commit b1faeb6d03a18854e0c1519b28f6d087020b71a1de914ec6a501d10c5712a82f diff --git a/orthanc-authorization b/orthanc-authorization index 1775daa..f76b8b7 160000 --- a/orthanc-authorization +++ b/orthanc-authorization @@ -1 +1 @@ -Subproject commit 1775daa8d27ab940ad95a4e3c679ba9adacd977afa085d3257f834995835433d +Subproject commit f76b8b7d8cd735df77964b50db2a5817a218d7409cc9d4b8632c6664b938819a diff --git a/orthanc-dicomweb b/orthanc-dicomweb index 7673570..43ded30 160000 --- a/orthanc-dicomweb +++ b/orthanc-dicomweb @@ -1 +1 @@ -Subproject commit 76735708d62f2de8cc9b50d2f9b675d45873e3531b62a6962f5a38c51713b51a +Subproject commit 43ded30b6e6939a296558c2b485ded276ff30164db1a726c485ee504d2729838 diff --git a/orthanc-gdcm b/orthanc-gdcm index 4cd29ae..6bd78f0 160000 --- a/orthanc-gdcm +++ b/orthanc-gdcm @@ -1 +1 @@ -Subproject commit 4cd29ae1d88b483527e39ce339d3a545f5e379cb4bdc0aa208a18585a0211bce +Subproject commit 6bd78f0f67d23b1c4d9bc8c5e20e096073f729eb1d546b77e2857d1d01072ab8 diff --git a/orthanc-indexer b/orthanc-indexer index cd8eb0d..e85b09b 160000 --- a/orthanc-indexer +++ b/orthanc-indexer @@ -1 +1 @@ -Subproject commit cd8eb0df05561d7a4c4a3ce84c346c0c30812e9f446ebae539a813ad05c7af52 +Subproject commit e85b09b660f8177f81a5a4d2e82f1fd4516e16f44c4bc07d329e85a05058db26 diff --git a/orthanc-mysql b/orthanc-mysql index c3f53cb..332c406 160000 --- a/orthanc-mysql +++ b/orthanc-mysql @@ -1 +1 @@ -Subproject commit c3f53cb55c1f86cce238aa5b63b782a4fe55c4585dcaafa1207edb20bdb65469 +Subproject commit 332c40656c301b2161b5f6312774ad2ef7337b2a831c4ef1fbd5498793f5265f diff --git a/orthanc-neuro b/orthanc-neuro index c1ebe82..ce09ff7 160000 --- a/orthanc-neuro +++ b/orthanc-neuro @@ -1 +1 @@ -Subproject commit c1ebe82b725fa7fc35c85f70ddad94d689fb3e2068a9358ee6e2ed36d1dd59c0 +Subproject commit ce09ff7baa89cb63176c26621ad7a92fb8d94d4fe88bc20c1ed8bf1f5742dc8b diff --git a/orthanc-postgresql b/orthanc-postgresql index 58dee52..424752a 160000 --- a/orthanc-postgresql +++ b/orthanc-postgresql @@ -1 +1 @@ -Subproject commit 58dee52dbf8905df2dd43992c35b86f5fbd3fdcc3c2763d7ee3301f676c22356 +Subproject commit 424752aeb50ce197dae83558f3b1ae6e8b023fb7360d2a450be8cb01a304a68e diff --git a/orthanc-python b/orthanc-python index cff0c7c..7415055 160000 --- a/orthanc-python +++ b/orthanc-python @@ -1 +1 @@ -Subproject commit cff0c7c264191c7e889f83984b8370923d457b63206edd18ae01046c7115f54d +Subproject commit 7415055070be4633374c4970434cd205eb979cd6038f287288b88b29deb491f6 diff --git a/orthanc-stl b/orthanc-stl index a6937cc..47cf97a 160000 --- a/orthanc-stl +++ b/orthanc-stl @@ -1 +1 @@ -Subproject commit a6937cc2bc0442e0156e14018a4e84440c8f2c17d8bd1b102aebd2390a37f701 +Subproject commit 47cf97af1d7c40a9d78e709efa023929faba66adff8abe1b0b673e0c0f71bc5f diff --git a/orthanc-tcia b/orthanc-tcia index 356ba25..bc37602 160000 --- a/orthanc-tcia +++ b/orthanc-tcia @@ -1 +1 @@ -Subproject commit 356ba251d280e543fbac32585f03a8502909a4ab2539660556b39acc9e6dbe0a +Subproject commit bc376025534b9e8da34e4eeace56728da77c237ab39fdd19bc1f20913a69e936 diff --git a/orthanc-wsi b/orthanc-wsi index a0c624c..4287627 160000 --- a/orthanc-wsi +++ b/orthanc-wsi @@ -1 +1 @@ -Subproject commit a0c624caf6d6edbd02d1d969bcd23cc7c61492c52b15be5e4454217f9908c058 +Subproject commit 428762710d0b4ba32a38295ec59f4e227c080885f9bf8bb918e50f4c26404569 diff --git a/patchinfo.20260209213841964623.93181000773252/_patchinfo b/patchinfo.20260209213841964623.93181000773252/_patchinfo new file mode 100644 index 0000000..036d971 --- /dev/null +++ b/patchinfo.20260209213841964623.93181000773252/_patchinfo @@ -0,0 +1,230 @@ + + VUL-0: CVE-2024-22391: gdcm: heap-based buffer overflow in the LookupTable:SetLUT functionality + VUL-0: CVE-2024-22373: gdcm: out-of-bounds write in the JPEG2000Codec:DecodeByStreamsCommon functionality + VUL-0: CVE-2024-25569: gdcm: out-of-bounds read in the RAWCodec:DecodeBytes functionality + DocB + important + security + Security update for orthanc, gdcm, orthanc-authorization, orthanc-dicomweb, orthanc-gdcm, orthanc-indexer, orthanc-mysql, orthanc-neuro, orthanc-postgresql, orthanc-python, orthanc-stl, orthanc-tcia, orthanc-wsi, python-pyorthanc + This update for orthanc, gdcm, orthanc-authorization, orthanc-dicomweb, orthanc-gdcm, orthanc-indexer, orthanc-mysql, orthanc-neuro, orthanc-postgresql, orthanc-python, orthanc-stl, orthanc-tcia, orthanc-wsi, python-pyorthanc fixes the following issues: + +Changes in orthanc: + +- dcmtk 370 breaks TW build + +- switch to lua 5.4 + +- patch out boost component system from framework + +- version 1.12.10 + ' long changelog - see NEWS for details + +- apply boost patch to source tree + +- Stop trying to pull libboost_system-devel in all orthanc packages. + +- remove libboost_system-devel for TW (removed in boost 1.89) + +- version 1.12.9 + * long changelog - see NEWS for details + +Changes in gdcm: + +- apply fix for poppler 25.10 build error + +Changes in orthanc-authorization: + +- version 0.10.3 + * New default permissions for worklists + * New default permissions for tools/metrics-prometheus + * New default permissions for tools/generate-uid + +- version 0.10.2 + * New default permissions to add/delete modalities through the Rest API + https://discourse.orthanc-server.org/t/managing-modalities-using-the-rest-api-and-keycloak/6137 + * New standard configuration "stl" + +- remove libboost_system-devel for TW (removed in boost 1.89)- + +- version 0.10.1 + * Fix audit-logs export in CSV format. + * New configuration "ExtraPermissions" to ADD new permissions to + the default "Permissions" entries. + * Improved handling of "Anonymous" user profiles (when no auth-tokens + are provided): The plugin will now request the auth-service to + get an anonymous user profile even if there are no auth-tokens in the + HTTP request. + * The User profile can now contain a "groups" field if the auth-service + provides it. + * The User profile can now contain an "id" field if the auth-service + provides it. + * New experimental feature: audit-logs + - Enabled by the "EnableAuditLogs" configuration. + - Audit-logs are currently handled by the PostgreSQL plugin and can be + browsed through the route /auth/audit-logs. + - New default permission "audit-logs" to grant access to the + "/auth/audit-logs" route. + * Fix: The "server-id" field is now included in all requests sent to the + auth-service. + +Changes in orthanc-dicomweb: + +- version 1.22 + * framework2.diff added for compatibilty with Orthanc framework <= 1.12.10 + * Fixed a possible deadlock when using "WadoRsLoaderThreadsCount" > 1 when the HTTP + client disconnects while downloading the response. + * Fixed "Success: Success" errors when trying to send resources synchronously to a remote DICOMweb + server while the Orthanc job engine was busy with other tasks. + +- remove libboost_system-devel for TW (removed in boost 1.89) + +- version 1.21 + * New configuration "WadoRsLoaderThreadsCount" to configure how many threads are loading + files from the storage when answering to a WADO-RS query. A value > 1 is meaningful + only if the storage is a distributed network storage (e.g object storage plugin). + A value of 0 means reading and writing are performed in sequence (default behaviour). + * New configuration "EnablePerformanceLogs" to display performance logs. Currently + only showing the time required to execute a WADO-RS query. For example: + WADO-RS: elapsed: 26106623 us, rate: 14.86 instances/s, 155.23Mbps + * Fix false errors logs generated e.g when OHIF requests the /dicom-web/studies/../metadata route: + "dicom-web:/Configuration.cpp:643] Unsupported return MIME type: application/dicom+json, multipart/related; type=application/octet-stream; transfer-syntax=*, will return DICOM+JSON" + +Changes in orthanc-gdcm: + +- version 1.8 + * Prevent transcoding of DICOM images with empty + SharedFunctionalGroupsSequence (5200,9229), as this might crash GDCM. + * The built-in Orthanc transcoder being usually more stable, the default + value of the "RestrictTransferSyntaxes" configuration has been updated + to configure the GDCM plugin for J2K transfer syntaxes only since these + transfer syntaxes are currently not supported by the built-in Orthanc + transcoder. + - If "RestrictTransferSyntaxes" is not specified in your configuration, + it is now equivalent to + "RestrictTransferSyntaxes" : [ + "1.2.840.10008.1.2.4.90", // JPEG 2000 Image Compression (Lossless Only) + "1.2.840.10008.1.2.4.91", // JPEG 2000 Image Compression + "1.2.840.10008.1.2.4.92", // JPEG 2000 Part 2 Multicomponent Image Compression (Lossless Only) + "1.2.840.10008.1.2.4.93" // JPEG 2000 Part 2 Multicomponent Image Compression + ] + which was the recommended configuration. + - If "RestrictTransferSyntaxes" is defined but empty, the GDCM plugin will + now be used to transcode ALL transfer syntaxes (this was the default + behaviour up to version 1.7) + +- remove libboost_system-devel for TW (removed in boost 1.89) + +- version 1.7 + * Upgrade to GDCM 3.0.24 for static builds. Fixes: + - CVE-2024-22373: https://nvd.nist.gov/vuln/detail/CVE-2024-22373 + - CVE-2024-22391: https://nvd.nist.gov/vuln/detail/CVE-2024-22391 + - CVE-2024-25569: https://nvd.nist.gov/vuln/detail/CVE-2024-25569 + +Changes in orthanc-indexer: + +- remove libboost_system-devel for TW (removed in boost 1.89) + +Changes in orthanc-mysql: + +- remove libboost_system-devel for TW (removed in boost 1.89) + +Changes in orthanc-neuro: + +- remove libboost_system-devel for TW (removed in boost 1.89) + +Changes in orthanc-postgresql: + +- version 10.0 + * update mainly providing new Reserve and Acknowledge primitives + for Queues in plugins + +- remove libboost_system-devel for TW (removed in boost 1.89) + +- version 9.0 + * DB-scheme rev. 6 - check Orthanc book + +- version 8.0 + * no changelog provided + * New DB scheme + +Changes in orthanc-python: + +- version 7.0 + * The "orthanc.pyi" stub is now excluded from the "install" step during the build + * Wrapped new SCP callbacks: + - RegisterFindCallback2() + - RegisterMoveCallback3() + - RegisterWorklistCallback2() + - RegisterStorageCommitmentScpCallback2() + * Wrapped new Queues methods: + - ReserveQueueValue() + - AcknowledgeQueueValue() + +- remove libboost_system-devel for TW (removed in boost 1.89) + +- remove /usr/orthanc.pyi - unneeded + +- version 6.0 + * The auto-generation of the Python wrapper is now part of the build, + to exploit the ORTHANC_PLUGIN_SINCE_SDK macro. This provides backward + compatibility with the SDK that is actually installed on the system + * Added Windows builder for Python 3.13 + * Added Docker-based builder scripts for Debian 13 (trixie) + +Changes in orthanc-stl: + +- patch out libboost-system to fix build error + +- remove libboost_system-devel for TW (removed in boost 1.89) + +Changes in orthanc-tcia: + +- version 1.3 + * Replaced default base URL of TCIA REST API from + "https://services.cancerimagingarchive.net/services/v4/TCIA/query" to + "https://nbia.cancerimagingarchive.net/nbia-api/services/v4" + * Added configuration option "BaseUrl" to manually configure the base URL + * Fix for newer versions of the NBIA cart file format + * Upgrade to Orthanc framework 1.12.3 + +- remove libboost_system-devel for TW (removed in boost 1.89) + +Changes in orthanc-wsi: + +- fix build error w framework 1.12.10 + +- version 3.3 + * OrthancWSIDicomizer: + - New option "--encoding" to specify the specific character set of DICOM instances + - Placeholder tags are now automatically inserted when the "--dataset" option + provides incomplete data, ensuring the generated DICOM instances remain valid + - The version of the DICOM-izer is available in DICOM tag "SoftwareVersions" + - ImagedVolumeWidth and ImagedVolumeHeight are swapped with respect to releases <= 3.2: + https://discourse.orthanc-server.org/t/5912 + * Viewer plugin: + - Added rotation button in the viewer + - The viewer displays a label if the "description" GET parameter is provided + - Upgraded to OpenLayers 10.6.1 + +- remove libboost_system-devel for TW (removed in boost 1.89) + +Changes in python-pyorthanc: + +- version 1.22.1 + * no changelog provided + + orthanc + gdcm + orthanc-authorization + orthanc-dicomweb + orthanc-gdcm + orthanc-indexer + orthanc-mysql + orthanc-neuro + orthanc-postgresql + orthanc-python + orthanc-stl + orthanc-tcia + orthanc-wsi + python-pyorthanc + diff --git a/python-pyorthanc b/python-pyorthanc index 4f2dfa9..abe375b 160000 --- a/python-pyorthanc +++ b/python-pyorthanc @@ -1 +1 @@ -Subproject commit 4f2dfa932143434630c222b310164bba12a78a483e487f05d4fac3b781a6ae3b +Subproject commit abe375bd314d4067d4236e13587d5bd67c2746307c8fa4c57d63c5576c826f09