Information on source package sox

Available versions

ReleaseVersion
jessie14.4.1-5
stretch14.4.1-5
buster14.4.2-3
sid14.4.2-3

Open issues

BugjessiestretchbustersidDescription
CVE-2017-18189vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn the startread function in xa.c in Sound eXchange (SoX) through ...
CVE-2017-15642vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is ...
CVE-2017-15372vulnerable (no DSA)vulnerable (no DSA)fixedfixedThere is a stack-based buffer overflow in the ...
CVE-2017-15371vulnerable (no DSA)vulnerable (no DSA)fixedfixedThere is a reachable assertion abort in the function ...
CVE-2017-15370vulnerable (no DSA)vulnerable (no DSA)fixedfixedThere is a heap-based buffer overflow in the ImaExpandS function of ...
CVE-2017-11359vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...
CVE-2017-11358vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...
CVE-2017-11332vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...

Resolved issues

BugDescription
CVE-2014-8145Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...
CVE-2004-0557Multiple buffer overflows in the st_wavstartread function in wav.c for ...

Security announcements

DSA / DLADescription
DLA-1197-1sox - security update
DLA-128-1sox - security update
DSA-3112-1sox - security update
DSA-565-1sox - buffer overflows

Search for package or bug name: Reporting problems