GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sat Oct 06, 2018 5:26 pm Post subject: [ GLSA 201810-02 ] SoX |
|
|
Gentoo Linux Security Advisory
Title: SoX: Multiple vulnerabilities (GLSA 201810-02)
Severity: normal
Exploitable: remote
Date: 2018-10-06
Bug(s): #626702, #627570, #634450, #634814
ID: 201810-02
Synopsis
Multiple vulnerabilities have been found in SoX, the worst of which
may lead to a Denial of Service condition.
Background
SoX is a command line utility that can convert various formats of
computer audio files in to other formats.
Affected Packages
Package: media-sound/sox
Vulnerable: < 14.4.2-r1
Unaffected: >= 14.4.2-r1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in SoX. Please review the
referenced CVE identifiers for details.
Impact
A remote attacker, by enticing a user to process a crafted WAV, HCOM,
SND, or AIFF file, could cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All SoX users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-sound/sox-14.4.2-r1"
|
References
CVE-2017-11332
CVE-2017-11358
CVE-2017-11359
CVE-2017-15370
CVE-2017-15371
CVE-2017-15372
CVE-2017-15642 |
|