Change logs for orthanc source package in Bullseye

  • orthanc (1.9.2+really1.9.1+dfsg-1+deb11u1) bullseye-security; urgency=high
    
      * Team upload.
      * cve-2023-33466.patch: disable file system writes.
        This patch backports the option RestApiWriteToFileSystemEnabled to
        Orthanc in Debian bullseye.  This allows delivering Orthanc without
        being vulnerable to arbitrary writes to the file system by
        authenticated users, referenced as CVE-2023-33466.  The legacy and
        vulnerable behaviour can be restored by setting the variable
        RestApiWriteToFileSystemEnabled to true in /etc/orthanc/orthanc.json.
        (Closes: #1040597)
    
     -- Étienne Mollier <email address hidden>  Wed, 19 Jul 2023 16:48:56 +0200
  • orthanc (1.9.2+really1.9.1+dfsg-1) unstable; urgency=medium
    
      * Team upload.
      * Revert orthanc to package version 1.9.1+dfsg-1 since 1.9.2+dfsg-1 was
        actually not intended for bullseye
      * d/rules: adjust UPSTREAM_VERSION filter to handle +really versions properly
    
     -- Étienne Mollier <email address hidden>  Fri, 04 Jun 2021 22:03:18 +0200