Information on source package sox

Available versions

ReleaseVersion
jessie14.4.1-5
jessie (security)14.4.1-5+deb8u4
stretch14.4.1-5+deb9u1
buster14.4.2+git20190427-1
bullseye14.4.2+git20190427-1
sid14.4.2+git20190427-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-8357fixedvulnerablefixedfixedfixedAn issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...
CVE-2019-8356fixedvulnerablefixedfixedfixedAn issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...
CVE-2019-8355fixedvulnerablefixedfixedfixedAn issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...
CVE-2019-8354fixedvulnerablefixedfixedfixedAn issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...
CVE-2019-13590vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableAn issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (start ...
CVE-2019-1010004fixedvulnerable (no DSA)fixedfixedfixedSoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds ...
CVE-2017-18189fixedvulnerable (no DSA)fixedfixedfixedIn the startread function in xa.c in Sound eXchange (SoX) through 14.4 ...
CVE-2017-15642fixedvulnerable (no DSA)fixedfixedfixedIn lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there i ...
CVE-2017-15372fixedvulnerable (no DSA)fixedfixedfixedThere is a stack-based buffer overflow in the lsx_ms_adpcm_block_expan ...
CVE-2017-15371fixedvulnerable (no DSA)fixedfixedfixedThere is a reachable assertion abort in the function sox_append_commen ...
CVE-2017-15370fixedvulnerable (no DSA)fixedfixedfixedThere is a heap-based buffer overflow in the ImaExpandS function of im ...
CVE-2017-11359fixedvulnerable (no DSA)fixedfixedfixedThe wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allow ...
CVE-2017-11358fixedvulnerable (no DSA)fixedfixedfixedThe read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 all ...
CVE-2017-11332fixedvulnerable (no DSA)fixedfixedfixedThe startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...

Resolved issues

BugDescription
CVE-2014-8145Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 an ...
CVE-2004-0557Multiple buffer overflows in the st_wavstartread function in wav.c for ...

Security announcements

DSA / DLADescription
DLA-1808-1sox - security update
DLA-1705-1sox - security update
DLA-1695-1sox - security update
DLA-1687-1sox - security update
DLA-1197-1sox - security update
DLA-128-1sox - security update
DSA-3112-1sox - security update
DSA-565-1sox - buffer overflows
Search for package or bug name: Reporting problems