[ubuntu/kinetic-security] sox 14.4.2+git20190427-3ubuntu0.1 (Accepted)
Amir Naseredini
amir.naseredini at canonical.com
Thu Mar 2 11:12:16 UTC 2023
sox (14.4.2+git20190427-3ubuntu0.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2021-23159.patch: fixed a possible buffer overflow
      in lsx_read_w_buf function (CVE-2021-23159) and in startread function
      (CVE-2021-23172)
    - debian/patches/CVE-2021-33844.patch: fixed a possible division by zero
      in startread function
    - debian/patches/CVE-2021-3643.patch: fixed a possible buffer overflow
      (CVE-2021-3643) and a possible division by zero (CVE-2021-23210) in
      voc component
    - debian/patches/CVE-2021-40426.patch: fixed a possible buffer overflow
      in start_read function
    - debian/patches/CVE-2022-31650.patch: fixed a possible floating-point
      exception in lsx_aiffstartwrite function
    - debian/patches/CVE-2022-31651.patch: fixed a possible assertion failure
      in rate_init function
    - debian/patches/fix-hcom-big-endian.patch: fixed a possible assertion
      failure in hcom component
    - debian/patches/fix-resource-leak-comments.patch: fixed a possible
      unexpected behaviour on input parsing failure in formats component
    - debian/patches/fix-resource-leak-hcom.patch: fixed a possible
      unexpected behaviour on failure in hcom component
    - CVE-2021-23159
    - CVE-2021-23172
    - CVE-2021-33844
    - CVE-2021-3643
    - CVE-2021-23210
    - CVE-2021-40426
    - CVE-2022-31650
    - CVE-2022-31651
  * SECURITY UPDATE: Regression
    - debian/patches/CVE-2017-11358-revised.patch: fixed a regression caused
      by another patch.
    - CVE-2017-11358

Date: 2023-03-01 16:58:08.898691+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
https://launchpad.net/ubuntu/+source/sox/14.4.2+git20190427-3ubuntu0.1