DSA-5473-1 orthanc -- orthancID: oval:org.secpod.oval:def:612609 | Date: (C)2023-08-25 (M)2023-12-01 |
Class: PATCH | Family: unix |
It was discovered that authenticated API users of Orthanc, a DICOM server for medical imaging, could overwrite arbitrary files and in some setups execute arbitrary code. This update backports the option RestApiWriteToFileSystemEnabled, setting it to "true" in /etc/orthanc/orthanc.json restores the previous behaviour.
Platform: |
Debian 12.x |
Debian 11.x |
Product: |
liborthancframework1 |
orthanc |
liborthancframework-dev |