UbuntuUpdates.org

Package "libsox-fmt-ao"

Name: libsox-fmt-ao

Description:

SoX Libao format I/O library

Latest version: 14.4.1-5+deb8u4ubuntu0.1
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: sox
Homepage: http://sox.sourceforge.net

Links


Download "libsox-fmt-ao"


Other versions of "libsox-fmt-ao" in Xenial

Repository Area Version
base universe 14.4.1-5
security universe 14.4.1-5+deb8u4ubuntu0.1

Changelog

Version: 14.4.1-5+deb8u4ubuntu0.1 2019-07-30 21:07:14 UTC

  sox (14.4.1-5+deb8u4ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Merge from Debian
    - Fixes:
      - CVE-2019-8354
      - CVE-2019-8356
      - CVE-2019-8357
    - Fixes overwritten by Debian:
      - CVE-2017-11332
      - CVE-2017-11358
      - CVE-2017-11359
      - CVE-2017-15370
      - CVE-2017-15371
      - CVE-2017-15372
      - CVE-2017-15642
      - CVE-2017-18189
    - Ignored Debian's "override_dh_strip" in debian/rules as this change was
      made by mistake

Source diff to previous version
CVE-2019-8354 An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When t
CVE-2019-8356 An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the
CVE-2019-8357 An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.
CVE-2017-11332 The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and applica
CVE-2017-11358 The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and appl
CVE-2017-11359 The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and appli
CVE-2017-15370 There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of
CVE-2017-15371 There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a
CVE-2017-15372 There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will le
CVE-2017-15642 In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
CVE-2017-18189 In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a

Version: 14.4.1-5ubuntu0.1 2019-02-01 00:06:58 UTC

  sox (14.4.1-5ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/0001-Check-for-minimum-size-sphere-headers.patch: Avoid
      integer underflow by validating the header_size_ul for NIST sphere
      formatted media files.
    - debian/patches/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch: Check
      the number of samples in a wav block against the expected samples per
      block.
    - CVE-2014-8145
  * SECURITY UPDATE: Division by zero
    - debian/patches/CVE-2017-11332.patch: wav: fix crash if channel count is
      zero
    - CVE-2017-11332
  * SECURITY UPDATE: Division by zero
    - debian/patches/CVE-2017-11358.patch: hcom: fix crash on input with
      corrupt dictionary
    - CVE-2017-11358
  * SECURITY UPDATE: Invalid memory read
    - debian/patches/CVE-2017-11359.patch: wav: fix crash writing header when
      channel count >64k
    - CVE-2017-11359
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2017-15370.patch: wav: ima_adpcm: fix buffer overflow
      on corrupt input
    - CVE-2017-15370
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2017-15371.patch: flac: fix crash on corrupt metadata
    - CVE-2017-15371
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2017-15372.patch: adpcm: fix stack overflow with >4
      channels
    - CVE-2017-15372
  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2017-15642.patch: adpcm: fix a user after free and
      double free if an empty comment chunk follows a non-empty one.
    - CVE-2017-15642
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-18189.patch: Prevent infinite loop caused by
        specifying zero channels in a header. Also add an upper bound to prevent
        overflow in multiplication
    - CVE-2017-18189

 -- Mike Salvatore <email address hidden> Thu, 31 Jan 2019 10:18:20 -0500

CVE-2014-8145 Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV f
CVE-2017-11332 The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and applica
CVE-2017-11358 The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and appl
CVE-2017-11359 The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and appli
CVE-2017-15370 There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of
CVE-2017-15371 There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a
CVE-2017-15372 There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will le
CVE-2017-15642 In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
CVE-2017-18189 In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a



About   -   Send Feedback to @ubuntu_updates