Accepted sox 14.4.1-5+deb8u2 (source amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 28 Feb 2019 08:58:56 +0100
Source: sox
Binary: sox libsox2 libsox-fmt-base libsox-fmt-alsa libsox-fmt-ao libsox-fmt-mp3 libsox-fmt-oss libsox-fmt-pulse libsox-fmt-all libsox-dev
Architecture: source amd64
Version: 14.4.1-5+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Pascal Giard <pascal@debian.org>
Changed-By: Hugo Lefeuvre <hle@debian.org>
Description:
libsox-dev - Development files for the SoX library
libsox-fmt-all - All SoX format libraries
libsox-fmt-alsa - SoX alsa format I/O library
libsox-fmt-ao - SoX Libao format I/O library
libsox-fmt-base - Minimal set of SoX format libraries
libsox-fmt-mp3 - SoX MP2 and MP3 format library
libsox-fmt-oss - SoX OSS format I/O library
libsox-fmt-pulse - SoX PulseAudio format I/O library
libsox2 - SoX library of audio effects and processing
sox - Swiss army knife of sound processing
Closes: 878808 878810 881121 882144
Changes:
sox (14.4.1-5+deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* CVE-2017-15370: heap-based buffer overflow in the ImaExpandS function
of ima_rw.c (Closes: #878810).
* CVE-2017-15372: stack-based buffer overflow in the
lsx_ms_adpcm_block_expand_i function of adpcm.c (Closes: #878808).
* CVE-2017-18189: null pointer dereference caused by corrupt header
specifying zero channels, sending read_channels() into an infinite loop
(Closes: #881121).
* CVE-2017-15642: use-after-free in output_message, triggered by crafted
aiff file (Closes: #882144).
Checksums-Sha1:
08d778a3a2597fb09965215b17f7ea6c23cb4e7b 2318 sox_14.4.1-5+deb8u2.dsc
91100373c84731f6d5910e1014f8a268279b12cf 15604 sox_14.4.1-5+deb8u2.debian.tar.xz
c00973ed2cb26ad43576c8b06aafeeffa3e084f9 137386 sox_14.4.1-5+deb8u2_amd64.deb
4afb4bf54e0374bee61423fedd9419b96e8efb3d 267458 libsox2_14.4.1-5+deb8u2_amd64.deb
d93f6bb8a1bc3ad38b09eebd186bbe969531d4d3 68518 libsox-fmt-base_14.4.1-5+deb8u2_amd64.deb
555b45cbb8da6bba0321864510992773af665f7a 47110 libsox-fmt-alsa_14.4.1-5+deb8u2_amd64.deb
00743263075d3487e46a6dc0c45f0dfd1491e41c 44018 libsox-fmt-ao_14.4.1-5+deb8u2_amd64.deb
360c240956bac3319af262d9a281aab44ff1ff8c 52176 libsox-fmt-mp3_14.4.1-5+deb8u2_amd64.deb
631ed504e30cdba9220daa86ad1f2dc6f70d5454 44554 libsox-fmt-oss_14.4.1-5+deb8u2_amd64.deb
434f260430f471c69cc96c0656ececf2f41dda19 44062 libsox-fmt-pulse_14.4.1-5+deb8u2_amd64.deb
ce3fd31aa330e9978449ffdb667202dce8d59820 41626 libsox-fmt-all_14.4.1-5+deb8u2_amd64.deb
b30dcd5134c6091f96b22a7f057256159c551244 356446 libsox-dev_14.4.1-5+deb8u2_amd64.deb
Checksums-Sha256:
13c401966562a47b515e1316203f142b8bef922426673bc6122bee76f7c7e3de 2318 sox_14.4.1-5+deb8u2.dsc
d709df28c8262653e8f2c4f8d470749a9aef4e6ca76095ff13e9d232585c53b8 15604 sox_14.4.1-5+deb8u2.debian.tar.xz
1cb65cc661a06a32b2af270b3476583ad0e6909c5f688086a5451bc11cdc82b4 137386 sox_14.4.1-5+deb8u2_amd64.deb
075d1c84b472962fe8f01a67be1d9f74acc35b1eadd33022de0df4580e3b055f 267458 libsox2_14.4.1-5+deb8u2_amd64.deb
3abbc88e317fda0a181d1b0d4075bedf339b60035fbb7476a7d6e2fac7fc06ec 68518 libsox-fmt-base_14.4.1-5+deb8u2_amd64.deb
8bf3b38aca6786549bff42a15d91bf1f8b169f727bc6bca7b81fc2829da8df9f 47110 libsox-fmt-alsa_14.4.1-5+deb8u2_amd64.deb
5fa569742c86de98ac4594d5e0f2da4c28cc03abb858b9ddf7152e52a7bc44f1 44018 libsox-fmt-ao_14.4.1-5+deb8u2_amd64.deb
22c8150fd70413fad466c14fb94c607cb6b3d15bc7aa89379ff25f14518ba87a 52176 libsox-fmt-mp3_14.4.1-5+deb8u2_amd64.deb
e6c3fb94a825c26bc6a5be64d189f0bf7e36e7945dc10517c25bfe339f194a92 44554 libsox-fmt-oss_14.4.1-5+deb8u2_amd64.deb
f5708948fe2769204d9a016d4a4f4b74a649f860a306df0a4aa3ad3ff746c7a8 44062 libsox-fmt-pulse_14.4.1-5+deb8u2_amd64.deb
02551fd3680a91edb0e7a2c7688ae42143e66c5c09338b38a4830cd4962bcfe1 41626 libsox-fmt-all_14.4.1-5+deb8u2_amd64.deb
34d06c561a87b0bd50117422ce8c6f53a9af08b6e1270faaad3bea45e50171c9 356446 libsox-dev_14.4.1-5+deb8u2_amd64.deb
Files:
86b718b46ef01a41475e0884be8d1275 2318 sound optional sox_14.4.1-5+deb8u2.dsc
f5994b483127fa3f008edeb417778bbb 15604 sound optional sox_14.4.1-5+deb8u2.debian.tar.xz
3eb4ca2d6cbf6fef4ec364513902a2c3 137386 sound optional sox_14.4.1-5+deb8u2_amd64.deb
82bbd5d8122d90b3b0a21aeb7af03655 267458 libs optional libsox2_14.4.1-5+deb8u2_amd64.deb
9ee773303915ae67394cb7bf09efed1f 68518 libs optional libsox-fmt-base_14.4.1-5+deb8u2_amd64.deb
043823bb04251d7c3a80a8ccc538355c 47110 libs optional libsox-fmt-alsa_14.4.1-5+deb8u2_amd64.deb
9fbbc38e8dfe556974294dbbad6cb93c 44018 libs optional libsox-fmt-ao_14.4.1-5+deb8u2_amd64.deb
00c8ccf22f77fb726e681c983a83c97d 52176 libs optional libsox-fmt-mp3_14.4.1-5+deb8u2_amd64.deb
2cec4e736f71d47d310d180e4033d640 44554 libs optional libsox-fmt-oss_14.4.1-5+deb8u2_amd64.deb
b75f53e6e13a98d8879263857c05c6c8 44062 libs optional libsox-fmt-pulse_14.4.1-5+deb8u2_amd64.deb
d232016138246b8b394c8a20b9c46e2c 41626 libs optional libsox-fmt-all_14.4.1-5+deb8u2_amd64.deb
46b486047b5f264ff7a9859de3040262 356446 libdevel optional libsox-dev_14.4.1-5+deb8u2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlx3rwMACgkQZYVUZx9w
0DQmXwf/Z7p7OjrcV/Wu12/R9DCtLDDHzlsrABA04KZB1+rUagjRSPeaqI+59FSe
e1ST5IfhMQJcfNmfNsu9hPN9kY6vXFLonv4Sn0DFHcaO/8H9pGsOy/tHYB6+/wcR
Q+10CtYDq+NvQFv3XY8MTqegIu17rT8s5XKOXtgme88oEaBls0BpqPx0YZhZFDA+
ET2y0VSxCCMlMf1Epkb/BD35ePaTkDR15ItZ6L0pcJOwl41EHVO+b+8CCjn0f74x
/uS2FVCOhxn5ASOPSLPKeY8t0JmbtqUMg1PI6bkJz+2dtVPElblN1hDi8uVsGzTw
sFzTbrfs4CHUeEJXtXZwBv7L/xzo1Q==
=BpUs
-----END PGP SIGNATURE-----