[ubuntu/bionic-updates] sox 14.4.2-3ubuntu0.18.04.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Mar 2 11:58:14 UTC 2023
sox (14.4.2-3ubuntu0.18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2019-13590.patch: fixed a possible buffer overflow
in startread function.
- debian/patches/CVE-2021-23159.patch: fixed a possible buffer overflow
in lsx_read_w_buf function (CVE-2021-23159) and in startread function
(CVE-2021-23172)
- debian/patches/CVE-2021-33844.patch: fixed a possible division by zero
in startread function
- debian/patches/CVE-2021-3643.patch: fixed a possible buffer overflow
(CVE-2021-3643) and a possible division by zero (CVE-2021-23210) in
voc component
- debian/patches/CVE-2021-40426.patch: fixed a possible buffer overflow
in start_read function
- debian/patches/CVE-2022-31650.patch: fixed a possible floating-point
exception in lsx_aiffstartwrite function
- debian/patches/CVE-2022-31651.patch: fixed a possible assertion failure
in rate_init function
- debian/patches/fix-hcom-big-endian.patch: fixed a possible assertion
failure in hcom component
- debian/patches/fix-resource-leak-comments.patch: fixed a possible
unexpected behaviour on input parsing failure in formats component
- debian/patches/fix-resource-leak-hcom.patch: fixed a possible
unexpected behaviour on failure in hcom component
- CVE-2019-13590
- CVE-2021-23159
- CVE-2021-23172
- CVE-2021-33844
- CVE-2021-3643
- CVE-2021-23210
- CVE-2021-40426
- CVE-2022-31650
- CVE-2022-31651
* SECURITY UPDATE: Regression
- debian/patches/CVE-2017-11358-revised.patch: fixed a regression caused
by another patch.
- CVE-2017-11358
Date: 2023-03-01 16:59:12.458503+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/sox/14.4.2-3ubuntu0.18.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list