Information on source package sox

Available versions

ReleaseVersion
jessie14.4.1-5+deb8u7
stretch14.4.1-5+deb9u5
buster14.4.2+git20190427-1+deb10u3
bullseye14.4.2+git20190427-2+deb11u2
bookworm14.4.2+git20190427-3.5
trixie14.4.2+git20190427-5
sid14.4.2+git20190427-5

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-32627fixedfixedfixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedA floating point exception vulnerability was found in sox, in the read ...

Resolved issues

BugDescription
CVE-2023-34432A heap buffer overflow vulnerability was found in sox, in the lsx_read ...
CVE-2023-34318A heap buffer overflow vulnerability was found in sox, in the startrea ...
CVE-2023-26590A floating point exception vulnerability was found in sox, in the lsx_ ...
CVE-2022-31651In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in ...
CVE-2022-31650In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwri ...
CVE-2021-40426A heap-based buffer overflow vulnerability exists in the sphere.c star ...
CVE-2021-33844A floating point exception (divide-by-zero) issue was discovered in So ...
CVE-2021-23210A floating point exception (divide-by-zero) issue was discovered in So ...
CVE-2021-23172A vulnerability was found in SoX, where a heap-buffer-overflow occurs ...
CVE-2021-23159A vulnerability was found in SoX, where a heap-buffer-overflow occurs ...
CVE-2021-3643A flaw was found in sox 14.4.1. The lsx_adpcm_init function within lib ...
CVE-2019-1010004SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds ...
CVE-2019-13590An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (start ...
CVE-2019-8357An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...
CVE-2019-8356An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...
CVE-2019-8355An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...
CVE-2019-8354An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...
CVE-2017-18189In the startread function in xa.c in Sound eXchange (SoX) through 14.4 ...
CVE-2017-15642In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there i ...
CVE-2017-15372There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expan ...
CVE-2017-15371There is a reachable assertion abort in the function sox_append_commen ...
CVE-2017-15370There is a heap-based buffer overflow in the ImaExpandS function of im ...
CVE-2017-11359The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allow ...
CVE-2017-11358The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 all ...
CVE-2017-11332The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...
CVE-2014-8145Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 an ...
CVE-2004-0557Multiple buffer overflows in the st_wavstartread function in wav.c for ...

Security announcements

DSA / DLADescription
DLA-3527-1sox - security update
ELA-918-1sox - security update
DLA-3315-2sox - regression update
ELA-798-2sox - regression update
DSA-5356-2sox - regression update
DSA-5356-1sox - security update
DLA-3315-1sox - security update
ELA-798-1sox - security update
DLA-1808-1sox - security update
DLA-1705-1sox - security update
DLA-1695-1sox - security update
DLA-1687-1sox - security update
DLA-1197-1sox - security update
DLA-128-1sox - security update
DSA-3112-1sox - security update
DSA-565-1sox - buffer overflows

Search for package or bug name: Reporting problems