group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 2081100] Re: Segmentation fault after installing ubuntu 20.04 security update 3.6.4-2.1ubuntu0.1

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Matthew Ruffell <2081100@xxxxxxxxxxxxxxxxxx>
Date: Fri, 04 Jul 2025 05:27:13 -0000
Reply-to: Bug 2081100 <2081100@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

This was introduced by CVE-2021-41687.patch

It affects:
focal 3.6.4-2.1ubuntu0.1
bionic 3.6.2-3ubuntu0.1~esm2
xenial 3.6.1~20150924-5ubuntu0.1~esm2

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-41687

** Also affects: dcmtk (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: dcmtk (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Also affects: dcmtk (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Also affects: dcmtk (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: dcmtk (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: dcmtk (Ubuntu Noble)
       Status: New => Fix Released

** Changed in: dcmtk (Ubuntu Jammy)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2081100

Title:
  Segmentation fault after installing ubuntu 20.04 security update
  3.6.4-2.1ubuntu0.1

Status in dcmtk package in Ubuntu:
  Confirmed
Status in dcmtk source package in Xenial:
  New
Status in dcmtk source package in Bionic:
  New
Status in dcmtk source package in Focal:
  New
Status in dcmtk source package in Jammy:
  Fix Released
Status in dcmtk source package in Noble:
  Fix Released

Bug description:
  Dear package maintainers of dcmtk, libdcmtk14, libdcmtk-dev,

  Today, we have applied the latest update 3.6.4-2.1ubuntu0.1. See details https://ubuntu.pkgs.org/20.04/ubuntu-updates-universe-arm64/libdcmtk14_3.6.4-2.1ubuntu0.1_arm64.deb.html
  '
  When running the dcmtk tool storescu, sending data is performed correctly, but the tool crashes. The last 3 lines of the command line output are:
  I: Received Store Response (Success)
  I: Releasing Association
  Segmentation fault (core dumped)

  According to our analysis, the code crashes when function
  ASC_destroyAssociation(...) is called.

  If I downgrade to package version 3.6.4-2.1build2, everything works
  fine.

  Could you please investigate this issue?

  Bye,
  Andreas Zolnay

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dcmtk/+bug/2081100/+subscriptions