dcmtk-3.6.9-3.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:15963 Final 1 1 2025-03-17T00:00:00Z current 2025-03-17T00:00:00Z 2025-03-17T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z dcmtk-3.6.9-3.1 on GA media These are all security issues fixed in the dcmtk-3.6.9-3.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-15963 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-2357/ SUSE CVE CVE-2025-2357 page openSUSE Tumbleweed dcmtk-3.6.9-3.1 dcmtk-devel-3.6.9-3.1 libdcmtk19-3.6.9-3.1 dcmtk-3.6.9-3.1 as a component of openSUSE Tumbleweed dcmtk-devel-3.6.9-3.1 as a component of openSUSE Tumbleweed libdcmtk19-3.6.9-3.1 as a component of openSUSE Tumbleweed A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue. CVE-2025-2357 openSUSE Tumbleweed:dcmtk-3.6.9-3.1 openSUSE Tumbleweed:dcmtk-devel-3.6.9-3.1 openSUSE Tumbleweed:libdcmtk19-3.6.9-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-2357.html CVE-2025-2357 https://bugzilla.suse.com/1239679 SUSE Bug 1239679