sox 14.4.1-5+deb8u4ubuntu0.1 source package in Ubuntu
Changelog
sox (14.4.1-5+deb8u4ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Merge from Debian - Fixes: - CVE-2019-8354 - CVE-2019-8356 - CVE-2019-8357 - Fixes overwritten by Debian: - CVE-2017-11332 - CVE-2017-11358 - CVE-2017-11359 - CVE-2017-15370 - CVE-2017-15371 - CVE-2017-15372 - CVE-2017-15642 - CVE-2017-18189 - Ignored Debian's "override_dh_strip" in debian/rules as this change was made by mistake sox (14.4.1-5+deb8u4) jessie-security; urgency=medium * Non-maintainer upload by the LTS Team. * CVE-2019-8354, CVE-2019-8355: buffer overflow in valloc functions. * CVE-2019-8356: stack-based buffer overflow in bitrv2(). * CVE-2019-8357: NULL pointer dereference in lsx_make_lpf(). sox (14.4.1-5+deb8u3) jessie-security; urgency=high * Non-maintainer upload by the LTS Team. * CVE-2017-15371: reachable assertion in sox_append_comment() (formats.c) (Closes: #878809). * CVE-2017-11359: divide-by-zero error wavwritehdr function (wav.c) (Closes: #870328). * CVE-2017-11332: divide-by-zero error in startread function (wav.c). * CVE-2017-11358: invalid memory read in read_samples function (hcom.c). sox (14.4.1-5+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the LTS Team. * CVE-2017-15370: heap-based buffer overflow in the ImaExpandS function of ima_rw.c (Closes: #878810). * CVE-2017-15372: stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c (Closes: #878808). * CVE-2017-18189: null pointer dereference caused by corrupt header specifying zero channels, sending read_channels() into an infinite loop (Closes: #881121). * CVE-2017-15642: use-after-free in output_message, triggered by crafted aiff file (Closes: #882144). sox (14.4.1-5+deb8u1) jessie-security; urgency=medium * Non-maintainer upload. * Add patches for CVE-2014-8145 to series file and really apply fixes. Thanks to Mike Salvatore for spotting the issue. (Closes: #773720) -- Eduardo Barretto <email address hidden> Mon, 29 Jul 2019 11:35:57 -0300
Upload details
- Uploaded by:
- Eduardo Barretto
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- sound
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Xenial | updates | universe | sound | |
Xenial | security | universe | sound |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
sox_14.4.1.orig.tar.gz | 1.1 MiB | 9a8c2c6fe51e608da346a157e111508a957af9e3ecf3de26781d36e9a67fa89b |
sox_14.4.1-5+deb8u4ubuntu0.1.debian.tar.xz | 19.2 KiB | e2d3435fc9a1688c10b491e99aec6183727f3aeb9ed63d851b09dd0e3b5cff0c |
sox_14.4.1-5+deb8u4ubuntu0.1.dsc | 2.7 KiB | e55e879d8eb3e68e58e90623cb17dfae4850da1110773d0db070aefd837e7a45 |
Available diffs
Binary packages built by this source
- libsox-dev: Development files for the SoX library
SoX is the swiss army knife of sound processing.
.
This package contains the development files for the SoX library.
- libsox-fmt-all: All SoX format libraries
SoX is the swiss army knife of sound processing.
.
This is a metapackage depending on all free SoX format libraries.
- libsox-fmt-alsa: SoX alsa format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX alsa format I/O library.
.
alsa: http://www.alsa- project. org
- libsox-fmt-alsa-dbgsym: debug symbols for package libsox-fmt-alsa
SoX is the swiss army knife of sound processing.
.
This package contains the SoX alsa format I/O library.
.
alsa: http://www.alsa- project. org
- libsox-fmt-ao: SoX Libao format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Libao format I/O library.
.
libao: http://xiph.org/ ao
- libsox-fmt-ao-dbgsym: debug symbols for package libsox-fmt-ao
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Libao format I/O library.
.
libao: http://xiph.org/ ao
- libsox-fmt-base: Minimal set of SoX format libraries
SoX is the swiss army knife of sound processing.
.
This package contains most audio formats libraries supported by SoX.
Among them: Ogg Vorbis, WAV, AIFF, VOC, SND, AU, GSM, WavPack, LPC10, FLAC,
MATLAB/GNU Octave, Portable Voice Format, AMR and Sound Forge Audio Format.
- libsox-fmt-base-dbgsym: debug symbols for package libsox-fmt-base
SoX is the swiss army knife of sound processing.
.
This package contains most audio formats libraries supported by SoX.
Among them: Ogg Vorbis, WAV, AIFF, VOC, SND, AU, GSM, WavPack, LPC10, FLAC,
MATLAB/GNU Octave, Portable Voice Format, AMR and Sound Forge Audio Format.
- libsox-fmt-mp3: SoX MP2 and MP3 format library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX MP2 and MP3 format library.
Read support by libmad. MP2 and MP3 write support by libtwolame and
libmp3lame respectively.
.
libmad: http://www.underbit. com/products/ mad/
lame: http://lame.sourceforg e.net/
- libsox-fmt-mp3-dbgsym: debug symbols for package libsox-fmt-mp3
SoX is the swiss army knife of sound processing.
.
This package contains the SoX MP2 and MP3 format library.
Read support by libmad. MP2 and MP3 write support by libtwolame and
libmp3lame respectively.
.
libmad: http://www.underbit. com/products/ mad/
lame: http://lame.sourceforg e.net/
- libsox-fmt-oss: SoX OSS format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Open Sound System (OSS)
format I/O library.
.
Open Sound System: http://www.opensound. com/oss. html
- libsox-fmt-oss-dbgsym: debug symbols for package libsox-fmt-oss
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Open Sound System (OSS)
format I/O library.
.
Open Sound System: http://www.opensound. com/oss. html
- libsox-fmt-pulse: SoX PulseAudio format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX PulseAudio format I/O library.
.
PulseAudio: http://www.pulseaudio. org/
- libsox-fmt-pulse-dbgsym: debug symbols for package libsox-fmt-pulse
SoX is the swiss army knife of sound processing.
.
This package contains the SoX PulseAudio format I/O library.
.
PulseAudio: http://www.pulseaudio. org/
- libsox2: SoX library of audio effects and processing
SoX is the swiss army knife of sound processing.
.
This package contains the SoX library which enables to convert various formats
of computer audio files in to other formats. It also allows you to apply
various effects to sound files.
.
Any format support requires at least libsox-fmt-base.
Sound card I/O requires libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss or
libsox-fmt-pulse.
- libsox2-dbgsym: debug symbols for package libsox2
SoX is the swiss army knife of sound processing.
.
This package contains the SoX library which enables to convert various formats
of computer audio files in to other formats. It also allows you to apply
various effects to sound files.
.
Any format support requires at least libsox-fmt-base.
Sound card I/O requires libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss or
libsox-fmt-pulse.
- sox: Swiss army knife of sound processing
SoX is a command line utility that can convert various formats of computer
audio files in to other formats. It can also apply various effects to these
sound files during the conversion. As an added bonus, SoX can play and record
audio files on several unix-style platforms.
.
SoX is able to handle formats like Ogg Vorbis, MP3, WAV, AIFF, VOC, SND, AU,
GSM and several more.
Any format support requires at least libsox-fmt-base. Some formats have their
own package e.g. mp3 read and write support is provided by libsox-fmt-mp3.
.
SoX supports most common sound architectures i.e. Alsa, Libao, OSS and Pulse
(respectively provided by libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss and
libsox-fmt-pulse). It also supports LADSPA plugins.
- sox-dbgsym: debug symbols for package sox
SoX is a command line utility that can convert various formats of computer
audio files in to other formats. It can also apply various effects to these
sound files during the conversion. As an added bonus, SoX can play and record
audio files on several unix-style platforms.
.
SoX is able to handle formats like Ogg Vorbis, MP3, WAV, AIFF, VOC, SND, AU,
GSM and several more.
Any format support requires at least libsox-fmt-base. Some formats have their
own package e.g. mp3 read and write support is provided by libsox-fmt-mp3.
.
SoX supports most common sound architectures i.e. Alsa, Libao, OSS and Pulse
(respectively provided by libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss and
libsox-fmt-pulse). It also supports LADSPA plugins.