# HG changeset patch
# User Sebastien Jodogne <s.jodogne@gmail.com>
# Date 1481914788 -3600
# Node ID eb363ec95d863989abf5a59174ff3164c2831f2e
# Parent  df47c45694edde17d84743181833edcac50713d4
vulnerabilities disclosed

diff -r df47c45694ed -r eb363ec95d86 NEWS
--- a/NEWS	Fri Dec 16 17:50:51 2016 +0100
+++ b/NEWS	Fri Dec 16 19:59:48 2016 +0100
@@ -51,6 +51,9 @@
 * Ignore "Group Length" tags in C-FIND queries
 * Fix handling of worklist SCP with ReferencedStudySequence and ReferencedPatientSequence
 * Fix handling of Move Originator AET and ID in C-MOVE SCP
+* Fix vulnerability ZSL-2016-5379 "Unquoted Service Path Privilege Escalation" in the
+  Windows service
+* Fix vulnerability ZSL-2016-5380 "Remote Memory Corruption Vulnerability" in DCMTK 3.6.0
 
 
 Version 1.1.0 (2016/06/27)