Information on source package sox

Available versions

ReleaseVersion
wheezy (security)14.4.0-3+deb7u1
jessie14.4.1-5
stretch14.4.1-5
buster14.4.1-5
sid14.4.1-5

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-15642vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableIn lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is ...
CVE-2017-15372vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThere is a stack-based buffer overflow in the ...
CVE-2017-15371vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThere is a reachable assertion abort in the function ...
CVE-2017-15370vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThere is a heap-based buffer overflow in the ImaExpandS function of ...
CVE-2017-11359vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...
CVE-2017-11358vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...
CVE-2017-11332vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...

Resolved issues

BugDescription
CVE-2014-8145Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...
CVE-2004-0557Multiple buffer overflows in the st_wavstartread function in wav.c for ...

Security announcements

DSA / DLADescription
DLA-128-1sox - security update
DSA-3112-1sox - security update
DSA-565-1sox - buffer overflows

Search for package or bug name: Reporting problems