everything related to duct tape audio suite (dtas)
 help / color / mirror / Atom feed
* Fwd: Bug#773720: sox: CVE-2014-8145
@ 2014-12-22 18:24 Eric Wong
  0 siblings, 0 replies; only message in thread
From: Eric Wong @ 2014-12-22 18:24 UTC (permalink / raw)
  To: dtas-all

Since dtas depends on sox: https://bugs.debian.org/773720

----- Forwarded message from Salvatore Bonaccorso <carnil@debian.org> -----

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#773720: sox: CVE-2014-8145

Source: sox
Version: 14.3.1-1
Severity: grave
Tags: security upstream


the following vulnerability was published for sox.

two heap-based buffer overflows

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2014-8145
[1] http://www.ocert.org/advisories/ocert-2014-010.html

Patches are not yet attached/referenced in the advisory, but should be
referenced in upstream git repository soon.


----- End forwarded message -----

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2014-12-22 18:24 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-22 18:24 Fwd: Bug#773720: sox: CVE-2014-8145 Eric Wong

everything related to duct tape audio suite (dtas)

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://80x24.org/dtas-all
	git clone --mirror http://ou63pmih66umazou.onion/dtas-all

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 dtas-all dtas-all/ https://80x24.org/dtas-all \
	public-inbox-index dtas-all

Example config snippet for mirrors.
Newsgroups are available over NNTP:
 note: .onion URLs require Tor: https://www.torproject.org/

code repositories for the project(s) associated with this inbox:


AGPL code for this site: git clone http://ou63pmih66umazou.onion/public-inbox.git