sox 14.4.2-3ubuntu0.18.04.1 source package in Ubuntu

Changelog

sox (14.4.2-3ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflow on the result of multiplication fed into
    malloc.
    - debian/patches/CVE-2019-8354.patch: fix possible buffer size overflow in
      lsx_make_lpf()
    - CVE-2019-8354
  * SECURITY UPDATE: Integer overflow on the result of multiplication fed into
    lsx_valloc macro that wraps malloc.
    - debian/patches/CVE-2019-8355.patch: fix possible overflow in
      lsx_(re)valloc() size calculation
    - CVE-2019-8355
  * SECURITY UPDATE: Stack-based buffer overflow can lead to write access
    outside of the statically declared array.
    - debian/patches/CVE-2019-8356.patch: fft4g bail if size too large.
    - CVE-2019-8356
  * SECURITY UPDATE: NULL pointer deference in lsx_make_lpf.
    - debian/patches/CVE-2019-8357.patch: fix possible null pointer deref in
      lsx_make_lpf()
    - CVE-2019-8357

 -- Eduardo Barretto <email address hidden>  Thu, 01 Aug 2019 12:27:09 -0300

Upload details

Uploaded by:
Eduardo Barretto
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
sound
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
sox_14.4.2.orig.tar.bz2 913.5 KiB 81a6956d4330e75b5827316e44ae381e6f1e8928003c6aa45896da9041ea149c
sox_14.4.2-3ubuntu0.18.04.1.debian.tar.xz 24.2 KiB 349b4eb0359611f2177e2de9aa89fb9abcc125bf74db3b7b61c404bd0ff75a2c
sox_14.4.2-3ubuntu0.18.04.1.dsc 2.8 KiB 3921e6d7e3e976612b307cd9718c7670482b139c23bd31dd4f9f5106cb2e3b11

View changes file

Binary packages built by this source

libsox-dev: Development files for the SoX library

 SoX is the swiss army knife of sound processing.
 .
 This library allow you to convert various formats of computer audio files
 in to other formats. It also allows you to apply
 various effects to sound files.
 .
 This package contains the development files for the SoX library.

libsox-fmt-all: All SoX format libraries

 SoX is the swiss army knife of sound processing.
 .
 This is a metapackage depending on all free SoX format libraries.

libsox-fmt-alsa: SoX alsa format I/O library

 SoX is the swiss army knife of sound processing.
 .
 This package contains the SoX alsa format I/O library.
 .
 alsa: https://www.alsa-project.org/main/index.php/Main_Page

libsox-fmt-alsa-dbgsym: debug symbols for libsox-fmt-alsa
libsox-fmt-ao: SoX Libao format I/O library

 SoX is the swiss army knife of sound processing.
 .
 This package contains the SoX Libao format I/O library.
 .
 libao: https://xiph.org/ao

libsox-fmt-ao-dbgsym: debug symbols for libsox-fmt-ao
libsox-fmt-base: Minimal set of SoX format libraries

 SoX is the swiss army knife of sound processing.
 .
 This package contains most audio formats libraries supported by SoX.
 Among them: Ogg Vorbis, WAV, AIFF, VOC, SND, AU, GSM, WavPack, LPC10, FLAC,
 MATLAB/GNU Octave, Portable Voice Format, AMR and Sound Forge Audio Format.

libsox-fmt-base-dbgsym: debug symbols for libsox-fmt-base
libsox-fmt-mp3: SoX MP2 and MP3 format library

 SoX is the swiss army knife of sound processing.
 .
 This package contains the SoX MP2 and MP3 format library.
 Read support by libmad. MP2 and MP3 write support by libtwolame and
 libmp3lame respectively.
 .
 libmad: https://www.underbit.com/products/mad/
 lame: https://lame.sourceforge.io

libsox-fmt-mp3-dbgsym: debug symbols for libsox-fmt-mp3
libsox-fmt-oss: SoX OSS format I/O library

 SoX is the swiss army knife of sound processing.
 .
 This package contains the SoX Open Sound System (OSS)
 format I/O library.
 .
 Open Sound System: http://www.opensound.com/oss.html

libsox-fmt-oss-dbgsym: debug symbols for libsox-fmt-oss
libsox-fmt-pulse: SoX PulseAudio format I/O library

 SoX is the swiss army knife of sound processing.
 .
 This package contains the SoX PulseAudio format I/O library.
 .
 PulseAudio: https://www.freedesktop.org/wiki/Software/PulseAudio/

libsox-fmt-pulse-dbgsym: debug symbols for libsox-fmt-pulse
libsox3: SoX library of audio effects and processing

 SoX is the swiss army knife of sound processing.
 .
 This package contains the SoX library which enables to convert various formats
 of computer audio files in to other formats. It also allows you to apply
 various effects to sound files.
 .
 Any format support requires at least libsox-fmt-base.
 Sound card I/O requires libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss or
 libsox-fmt-pulse.

libsox3-dbgsym: debug symbols for libsox3
sox: Swiss army knife of sound processing

 SoX is a command line utility that can convert various formats of computer
 audio files in to other formats. It can also apply various effects to these
 sound files during the conversion. As an added bonus, SoX can play and record
 audio files on several unix-style platforms.
 .
 SoX is able to handle formats like Ogg Vorbis, MP3, WAV, AIFF, VOC, SND, AU,
 GSM and several more.
 Any format support requires at least libsox-fmt-base. Some formats have their
 own package e.g. mp3 read and write support is provided by libsox-fmt-mp3.
 .
 SoX supports most common sound architectures i.e. Alsa, Libao, OSS and Pulse
 (respectively provided by libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss and
 libsox-fmt-pulse). It also supports LADSPA plugins.

sox-dbgsym: debug symbols for sox