Bug#1012516: sox: CVE-2022-31650 CVE-2022-31651
Source: sox
X-Debbugs-CC: team@security.debian.org
Severity: normal
Tags: security
Hi,
The following vulnerabilities were published for sox.
CVE-2022-31650[0]:
| In SoX 14.4.2, there is a floating-point exception in
| lsx_aiffstartwrite in aiff.c in libsox.a.
CVE-2022-31651[1]:
| In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in
| libsox.a.
https://sourceforge.net/p/sox/bugs/360/
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-31650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31650
[1] https://security-tracker.debian.org/tracker/CVE-2022-31651
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31651
Please adjust the affected versions in the BTS as needed.
Reply to: