Debian Patches

Status for sox/14.4.2+git20190427-5

Search:

Patch	Description	Author	Forwarded	Bugs	Last update
0001-fix-build.patch	fix build	Mans Rullgard <mans@mansr.com>	not-needed		2023-11-11
0002-spelling.patch	spelling fixes	=?utf-8?b?SmFyb23DrXIgTWlrZcWh?= <mira.mikes@seznam.cz>	invalid		2023-11-11
0003-CVE-2017-15371.patch	[PATCH] flac: fix crash on corrupt metadata (CVE-2017-15371)	Mans Rullgard <mans@mansr.com>	no		2017-11-05
0004-CVE-2017-11358.patch	[PATCH] hcom: fix crash on input with corrupt dictionary (CVE-2017-11358)	Mans Rullgard <mans@mansr.com>	no		2017-11-05
0005-CVE-2017-15370.patch	[PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input (CVE-2017-15370) Add the same check bad block size as was done for MS adpcm in commit f39c574b ("More checks for invalid MS ADPCM blocks").	Mans Rullgard <mans@mansr.com>	no		2017-11-05
0006-CVE-2017-11332.patch	[PATCH] wav: fix crash if channel count is zero (CVE-2017-11332)	Mans Rullgard <mans@mansr.com>	no		2017-11-05
0007-CVE-2017-11359.patch	[PATCH] wav: fix crash writing header when channel count >64k (CVE-2017-11359)	Mans Rullgard <mans@mansr.com>	no		2017-11-05
0008-wavpack_check_errors.patch	wavpack: check errors when initializing https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881145 src/wavpack.c \| 8 ++++++++ 1 file changed, 8 insertions(+)	Eric Wong <normalperson@yhbt.net>	not-needed		2023-11-11
0009-lintian-man-sox.patch	Fix - W: sox: manpage-has-errors-from-man usr/share/man/man1/sox.1.gz file `<standard input>' Jaromír Mikeš <mira.mikes@seznam.cz>	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>	invalid		2023-11-11
0010-xa-validate-channel-count.patch	A corrupt header specifying zero channels would send read_channels() into an infinite loop. Prevent this by sanity checking the channel count in open_read(). Also add an upper bound to prevent overflow in multiplication. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121 Jaromír Mikeš <mira.mikes@seznam.cz>	Mans Rullgard <mans@mansr.com>	not-needed		2023-11-11
0011-CVE-2017-15372.patch	adpcm: fix stack overflow with >4 channels (CVE-2017-15372)	Mans Rullgard <mans@mansr.com>	no		2017-11-08
0012-CVE-2017-15642.patch	This fixes a use after free and double free if an empty comment chunk follows a non-empty one.	Mans Rullgard <mans@mansr.com>	not-needed		2023-11-11
0013-Handle-vorbis_analysis_headerout-errors.patch	[PATCH] Handle vorbis_analysis_headerout errors This is related to https://github.com/xiph/vorbis/pull/34 but could also happen today with on other errors in the called function. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882236	=?utf-8?q?Guido_G=C3=BCnther?= <agx@sigxcpu.org>	invalid		2017-11-15
0014-CVE-2019-8354.patch	CVE-2019-8354	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>	no		2023-11-11
0015-CVE-2019-8355.patch	CVE-2019-8355	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>	no		2023-11-11
0016-CVE-2019-8356.patch	CVE-2019-8356	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>	no		2023-11-11
0017-CVE-2019-8357.patch	CVE-2019-8357	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>	no		2023-11-11
0018-CVE-2019-13590.patch	CVE-2019-13590	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>	no		2023-11-11
0019-fix-resource-leak-comments.patch	fix a resource leak of comments on input parsing failure	Helmut Grohne <helmut@subdivi.de>	no		2023-11-11
0020-fix-resource-leak-hcom.patch	hcom: fix dictionary resource leaks startread and stopread should release p->dictionary in all failure modes.	Helmut Grohne <helmut@subdivi.de>	no		2023-11-11
0021-fix-hcom-big-endian.patch	[PATCH] hcom: fix pointer type confusion [bug #308] The compress() call fails on big endian systems with size_t bigger than int32_t. Fix by using the correct types.	Mans Rullgard <mans@mansr.com>	no		2018-04-28
0022-CVE-2021-3643.patch	voc: word width should never be 0 to avoid division by zero This patch fixes both CVE-2021-3643 and CVE-2021-23210.	Helmut Grohne <helmut@subdivi.de>	yes	debian upstream	2023-11-11
0023-CVE-2021-23159.patch	hcom: validate dictsize This patch fixes both CVE-2021-23159 and CVE-2021-23172.	Helmut Grohne <helmut@subdivi.de>	yes	debian upstream	2023-11-11
0024-CVE-2021-33844.patch	wav: reject 0 bits per sample to avoid division by zero	Helmut Grohne <helmut@subdivi.de>	yes	debian upstream	2023-11-11
0025-CVE-2021-40426.patch	sphere: avoid integer underflow	Helmut Grohne <helmut@subdivi.de>	yes	debian upstream	2023-11-11
0026-CVE-2022-31650.patch	formats+aiff: reject implausibly large number of channels	Helmut Grohne <helmut@subdivi.de>	yes	debian upstream	2023-11-11
0027-CVE-2022-31651.patch	formats: reject implausible rate	Helmut Grohne <helmut@subdivi.de>	yes	debian upstream	2023-11-11
0028-CVE-2023-32627-Filter-null-sampling-rate-in-VOC-code.patch	CVE-2023-32627 Filter null sampling rate in VOC coder Avoid a divide by zero and out of bound read by rejecting null sampling rate in VOC file	=?utf-8?q?Bastien_Roucari=C3=A8s?= <rouca@debian.org>	yes	debian upstream	2023-08-13
0029-fix-build-gcc14.patch	Add missing include for "fabs". This fixes ftbfs with gcc-14. ===================================================================	Joachim Bauch <fancycode@debian.org>	not-needed		2024-08-04
0030-vorbis-fix-memory-leaks.patch	[PATCH] vorbis: fix memory leaks Data was allocated in startread() and startwrite() that was not freed in stopread() and stopwrite(). Fix it.	Asher Gordon <AsDaGo@posteo.net>	yes		2023-01-29

Showing 1 to 30 of 30 entries

All known versions for source package 'sox'

14.4.2+git20190427-5 (sid, trixie)
14.4.2+git20190427-3.5 (bookworm)
14.4.2+git20190427-2+deb11u2 (bullseye, bullseye-security)

Debian Patches

Status for sox/14.4.2+git20190427-5

All known versions for source package 'sox'

Links