Nicolas Graves via Guix-patches via <guix-patches@gnu.org> writes:

> * gnu/packages/image-processing.scm (dcmtk): Update to 3.6.8.
>
> Change-Id: I4e0203219280a2571267f566cdfc8c2a9ea3fd18
> ---
>  gnu/packages/image-processing.scm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/image-processing.scm b/gnu/packages/image-processing.scm
> index ceef83f3b1e..7c9d12557e7 100644
> --- a/gnu/packages/image-processing.scm
> +++ b/gnu/packages/image-processing.scm
> @@ -167,7 +167,7 @@ (define-public bart
>  (define-public dcmtk
>    (package
>      (name "dcmtk")
> -    (version "3.6.7")
> +    (version "3.6.8")
>      (source
>       (origin
>         (method url-fetch)
> @@ -176,7 +176,7 @@ (define-public dcmtk
>                         "dcmtk" (string-join (string-split version #\.) "")
>                         "/dcmtk-" version ".tar.gz"))
>         (sha256
> -        (base32 "02kix73qhndgb56cmi5327666i6imp7hi17wwqp26q4d7s72jn3w"))))
> +        (base32 "03vjv2lq5kr79ghf8v0q9wskkrcr2ygi097nybmqs4q3amjpc813"))))
>      (build-system cmake-build-system)
>      (arguments
>       ;; By default, only static archives are built.

thanks, i add "This fixes CVE-2022-43272." and push.

see https://git.savannah.gnu.org/cgit/guix.git/commit/?id=63ee61a56dddaf76ecc8bb45b8a0f28bc12469b5