Summary: | <media-sound/sox-14.4.2-r1: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://seclists.org/fulldisclosure/2017/Jul/81 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 634814 | ||
Bug Blocks: |
Description
Christopher Díaz Riveros (RETIRED)
2017-07-31 13:14:30 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab144c7631ebe685ffec603e48824403fcd00cdd commit ab144c7631ebe685ffec603e48824403fcd00cdd Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-06-10 23:45:11 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-06-11 00:04:20 +0000 media-sound/sox: A truckload of security Kindly provided by Debian packaging... Bug: https://bugs.gentoo.org/627570 Bug: https://bugs.gentoo.org/626702 Bug: https://bugs.gentoo.org/634814 Bug: https://bugs.gentoo.org/634450 Package-Manager: Portage-2.3.40, Repoman-2.3.9 .../sox/files/sox-14.4.2-CVE-2017-11332.patch | 25 ++++++ .../sox/files/sox-14.4.2-CVE-2017-11333.patch | 43 ++++++++++ .../sox/files/sox-14.4.2-CVE-2017-11358.patch | 26 ++++++ .../sox/files/sox-14.4.2-CVE-2017-11359.patch | 27 ++++++ .../sox/files/sox-14.4.2-CVE-2017-15370.patch | 25 ++++++ .../sox/files/sox-14.4.2-CVE-2017-15371.patch | 37 +++++++++ .../sox/files/sox-14.4.2-CVE-2017-15372.patch | 97 ++++++++++++++++++++++ .../sox/files/sox-14.4.2-CVE-2017-15642.patch | 28 +++++++ .../sox/files/sox-14.4.2-CVE-2017-18189.patch | 30 +++++++ .../sox-14.4.2-wavpack-chk-errors-on-init.patch | 35 ++++++++ media-sound/sox/sox-14.4.2-r1.ebuild | 13 +++ 11 files changed, 386 insertions(+) sound is done here, anyway... Arches and Maintainer(s). Thank you for your work. GLSA Vote: Yes This issue was resolved and addressed in GLSA 201810-02 at https://security.gentoo.org/glsa/201810-02 by GLSA coordinator Aaron Bauman (b-man). |