everything related to duct tape audio suite (dtas)
 help / color / mirror / code / Atom feed
* Fwd: Bug#773720: sox: CVE-2014-8145
@ 2014-12-22 18:24 Eric Wong
  0 siblings, 0 replies; only message in thread
From: Eric Wong @ 2014-12-22 18:24 UTC (permalink / raw)
  To: dtas-all

Since dtas depends on sox: https://bugs.debian.org/773720

----- Forwarded message from Salvatore Bonaccorso <carnil@debian.org> -----

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#773720: sox: CVE-2014-8145

Source: sox
Version: 14.3.1-1
Severity: grave
Tags: security upstream

Hi,

the following vulnerability was published for sox.

CVE-2014-8145[0]:
two heap-based buffer overflows

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2014-8145
[1] http://www.ocert.org/advisories/ocert-2014-010.html

Patches are not yet attached/referenced in the advisory, but should be
referenced in upstream git repository soon.

Regards,
Salvatore


----- End forwarded message -----


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2014-12-22 18:24 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-22 18:24 Fwd: Bug#773720: sox: CVE-2014-8145 Eric Wong

Code repositories for project(s) associated with this inbox:

	../../../dtas.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).