Fwd: Bug#773720: sox: CVE-2014-8145

dtas-all

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: Bug#773720: sox: CVE-2014-8145

From:	Eric Wong
Subject:	Fwd: Bug#773720: sox: CVE-2014-8145
Date:	Mon, 22 Dec 2014 18:24:19 +0000

Since dtas depends on sox: https://bugs.debian.org/773720

----- Forwarded message from Salvatore Bonaccorso <address@hidden> -----

From: Salvatore Bonaccorso <address@hidden>
To: Debian Bug Tracking System <address@hidden>
Subject: Bug#773720: sox: CVE-2014-8145

Source: sox
Version: 14.3.1-1
Severity: grave
Tags: security upstream

Hi,

the following vulnerability was published for sox.

CVE-2014-8145[0]:
two heap-based buffer overflows

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2014-8145
[1] http://www.ocert.org/advisories/ocert-2014-010.html

Patches are not yet attached/referenced in the advisory, but should be
referenced in upstream git repository soon.

Regards,
Salvatore

----- End forwarded message -----

[Prev in Thread]

Current Thread

[Next in Thread]

Fwd: Bug#773720: sox: CVE-2014-8145, Eric Wong <=

Prev by Date: [ANN] dtas 0.9.0 - duct tape audio suite for *nix
Next by Date: [PATCH] restart "source ed" after env changes
Previous by thread: [ANN] dtas 0.9.0 - duct tape audio suite for *nix
Next by thread: [PATCH] restart "source ed" after env changes
Index(es):
- Date
- Thread