Download
| Alert*
oval:org.secpod.oval:def:70140
sox: Swiss army knife of sound processing SoX could be made to crash if it received a specially crafted MP3 file. oval:org.secpod.oval:def:705102 sox: Swiss army knife of sound processing Details: USN-4079-1 fixed vulnerabilities in SoX. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 19.04. Original advisory SoX could be made to crash if it received a specially crafted MP3 file. oval:org.secpod.oval:def:68053 sox: Swiss army knife of sound processing SoX could be made to crash if it received a specially crafted MP3 file. oval:org.secpod.oval:def:2000125 An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c. oval:org.secpod.oval:def:1901944 An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c. oval:org.secpod.oval:def:58355 sox: Swiss army knife of sound processing Details: USN-4079-1 fixed vulnerabilities in SoX. This update provides the corresponding update for Linux Mint 19.x LTS and Ubuntu 19.04. Original advisory SoX could be made to crash if it received a specially crafted MP3 file. |