[ubuntu/trusty-security] sox 14.4.1-3ubuntu1.1 (Accepted)

Mike Salvatore mike.salvatore at canonical.com
Thu Jan 31 21:33:39 UTC 2019

sox (14.4.1-3ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/0001-Check-for-minimum-size-sphere-headers.patch: Avoid
      integer underflow by validating the header_size_ul for NIST sphere
      formatted media files.
    - debian/patches/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch: Check
      the number of samples in a wav block against the expected samples per
    - CVE-2014-8145
  * SECURITY UPDATE: Division by zero
    - debian/patches/CVE-2017-11332.patch: wav: fix crash if channel count is
    - CVE-2017-11332
  * SECURITY UPDATE: Division by zero
    - debian/patches/CVE-2017-11358.patch: hcom: fix crash on input with
      corrupt dictionary
    - CVE-2017-11358
  * SECURITY UPDATE: Invalid memory read
    - debian/patches/CVE-2017-11359.patch: wav: fix crash writing header when
      channel count >64k
    - CVE-2017-11359
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2017-15370.patch: wav: ima_adpcm: fix buffer overflow
      on corrupt input
    - CVE-2017-15370
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2017-15371.patch: flac: fix crash on corrupt metadata
    - CVE-2017-15371
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2017-15372.patch: adpcm: fix stack overflow with >4
    - CVE-2017-15372
  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2017-15642.patch: adpcm: fix a use after free and
      double free if an empty comment chunk follows a non-empty one.
    - CVE-2017-15642
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-18189.patch: Prevent infinite loop caused by
      specifying zero channels in a header. Also add an upper bound to prevent
      overflow in multiplication
    - CVE-2017-18189

Date: 2019-01-31 20:38:18.384394+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>