sox 14.4.1-5ubuntu0.1 source package in Ubuntu
Changelog
sox (14.4.1-5ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Buffer overflow
- debian/patches/0001-Check-for-minimum-size-sphere-headers.patch: Avoid
integer underflow by validating the header_size_ul for NIST sphere
formatted media files.
- debian/patches/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch: Check
the number of samples in a wav block against the expected samples per
block.
- CVE-2014-8145
* SECURITY UPDATE: Division by zero
- debian/patches/CVE-2017-11332.patch: wav: fix crash if channel count is
zero
- CVE-2017-11332
* SECURITY UPDATE: Division by zero
- debian/patches/CVE-2017-11358.patch: hcom: fix crash on input with
corrupt dictionary
- CVE-2017-11358
* SECURITY UPDATE: Invalid memory read
- debian/patches/CVE-2017-11359.patch: wav: fix crash writing header when
channel count >64k
- CVE-2017-11359
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2017-15370.patch: wav: ima_adpcm: fix buffer overflow
on corrupt input
- CVE-2017-15370
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2017-15371.patch: flac: fix crash on corrupt metadata
- CVE-2017-15371
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2017-15372.patch: adpcm: fix stack overflow with >4
channels
- CVE-2017-15372
* SECURITY UPDATE: Use after free
- debian/patches/CVE-2017-15642.patch: adpcm: fix a user after free and
double free if an empty comment chunk follows a non-empty one.
- CVE-2017-15642
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-18189.patch: Prevent infinite loop caused by
specifying zero channels in a header. Also add an upper bound to prevent
overflow in multiplication
- CVE-2017-18189
-- Mike Salvatore <email address hidden> Thu, 31 Jan 2019 10:18:20 -0500
Upload details
- Uploaded by:
- Mike Salvatore
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- sound
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| sox_14.4.1.orig.tar.gz | 1.1 MiB | 9a8c2c6fe51e608da346a157e111508a957af9e3ecf3de26781d36e9a67fa89b |
| sox_14.4.1-5ubuntu0.1.debian.tar.xz | 16.4 KiB | 6e52d4c9fda90d32bd7437ab0e162cad11495e8248beb25efa2ee613c56221c3 |
| sox_14.4.1-5ubuntu0.1.dsc | 2.7 KiB | 840df03ba8421f67ed6e43a2cec9440e6d6448326c576a26896f6d9123380baf |
Available diffs
Binary packages built by this source
- libsox-dev: Development files for the SoX library
SoX is the swiss army knife of sound processing.
.
This package contains the development files for the SoX library.
- libsox-fmt-all: All SoX format libraries
SoX is the swiss army knife of sound processing.
.
This is a metapackage depending on all free SoX format libraries.
- libsox-fmt-alsa: SoX alsa format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX alsa format I/O library.
.
alsa: http://www.alsa- project. org
- libsox-fmt-alsa-dbgsym: debug symbols for package libsox-fmt-alsa
SoX is the swiss army knife of sound processing.
.
This package contains the SoX alsa format I/O library.
.
alsa: http://www.alsa- project. org
- libsox-fmt-ao: SoX Libao format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Libao format I/O library.
.
libao: http://xiph.org/ ao
- libsox-fmt-ao-dbgsym: debug symbols for package libsox-fmt-ao
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Libao format I/O library.
.
libao: http://xiph.org/ ao
- libsox-fmt-base: Minimal set of SoX format libraries
SoX is the swiss army knife of sound processing.
.
This package contains most audio formats libraries supported by SoX.
Among them: Ogg Vorbis, WAV, AIFF, VOC, SND, AU, GSM, WavPack, LPC10, FLAC,
MATLAB/GNU Octave, Portable Voice Format, AMR and Sound Forge Audio Format.
- libsox-fmt-base-dbgsym: debug symbols for package libsox-fmt-base
SoX is the swiss army knife of sound processing.
.
This package contains most audio formats libraries supported by SoX.
Among them: Ogg Vorbis, WAV, AIFF, VOC, SND, AU, GSM, WavPack, LPC10, FLAC,
MATLAB/GNU Octave, Portable Voice Format, AMR and Sound Forge Audio Format.
- libsox-fmt-mp3: SoX MP2 and MP3 format library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX MP2 and MP3 format library.
Read support by libmad. MP2 and MP3 write support by libtwolame and
libmp3lame respectively.
.
libmad: http://www.underbit. com/products/ mad/
lame: http://lame.sourceforg e.net/
- libsox-fmt-mp3-dbgsym: debug symbols for package libsox-fmt-mp3
SoX is the swiss army knife of sound processing.
.
This package contains the SoX MP2 and MP3 format library.
Read support by libmad. MP2 and MP3 write support by libtwolame and
libmp3lame respectively.
.
libmad: http://www.underbit. com/products/ mad/
lame: http://lame.sourceforg e.net/
- libsox-fmt-oss: SoX OSS format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Open Sound System (OSS)
format I/O library.
.
Open Sound System: http://www.opensound. com/oss. html
- libsox-fmt-oss-dbgsym: debug symbols for package libsox-fmt-oss
SoX is the swiss army knife of sound processing.
.
This package contains the SoX Open Sound System (OSS)
format I/O library.
.
Open Sound System: http://www.opensound. com/oss. html
- libsox-fmt-pulse: SoX PulseAudio format I/O library
SoX is the swiss army knife of sound processing.
.
This package contains the SoX PulseAudio format I/O library.
.
PulseAudio: http://www.pulseaudio. org/
- libsox-fmt-pulse-dbgsym: debug symbols for package libsox-fmt-pulse
SoX is the swiss army knife of sound processing.
.
This package contains the SoX PulseAudio format I/O library.
.
PulseAudio: http://www.pulseaudio. org/
- libsox2: SoX library of audio effects and processing
SoX is the swiss army knife of sound processing.
.
This package contains the SoX library which enables to convert various formats
of computer audio files in to other formats. It also allows you to apply
various effects to sound files.
.
Any format support requires at least libsox-fmt-base.
Sound card I/O requires libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss or
libsox-fmt-pulse.
- libsox2-dbgsym: debug symbols for package libsox2
SoX is the swiss army knife of sound processing.
.
This package contains the SoX library which enables to convert various formats
of computer audio files in to other formats. It also allows you to apply
various effects to sound files.
.
Any format support requires at least libsox-fmt-base.
Sound card I/O requires libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss or
libsox-fmt-pulse.
- sox: Swiss army knife of sound processing
SoX is a command line utility that can convert various formats of computer
audio files in to other formats. It can also apply various effects to these
sound files during the conversion. As an added bonus, SoX can play and record
audio files on several unix-style platforms.
.
SoX is able to handle formats like Ogg Vorbis, MP3, WAV, AIFF, VOC, SND, AU,
GSM and several more.
Any format support requires at least libsox-fmt-base. Some formats have their
own package e.g. mp3 read and write support is provided by libsox-fmt-mp3.
.
SoX supports most common sound architectures i.e. Alsa, Libao, OSS and Pulse
(respectively provided by libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss and
libsox-fmt-pulse). It also supports LADSPA plugins.
- sox-dbgsym: debug symbols for package sox
SoX is a command line utility that can convert various formats of computer
audio files in to other formats. It can also apply various effects to these
sound files during the conversion. As an added bonus, SoX can play and record
audio files on several unix-style platforms.
.
SoX is able to handle formats like Ogg Vorbis, MP3, WAV, AIFF, VOC, SND, AU,
GSM and several more.
Any format support requires at least libsox-fmt-base. Some formats have their
own package e.g. mp3 read and write support is provided by libsox-fmt-mp3.
.
SoX supports most common sound architectures i.e. Alsa, Libao, OSS and Pulse
(respectively provided by libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss and
libsox-fmt-pulse). It also supports LADSPA plugins.
