sox (14.4.2+git20190427-2+deb11u2ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: denial of service
- debian/patches/CVE-2023-32627.patch: fixed a possible a floating
point exception in the read_samples function.
- CVE-2023-32627
-- Allen Huang <allen.huang@canonical.com> Tue, 05 Sep 2023 17:21:31 +0100
sox (14.4.2+git20190427-2+deb11u2build0.22.04.1) jammy-security; urgency=medium
* fake sync from Debian
-- Amir Naseredini <amir.naseredini@canonical.com> Fri, 17 Mar 2023 15:11:11 +0000
sox (14.4.2+git20190427-2+deb11u2) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
[ Helmut Grohne ]
* Fix regression in wav-gsm decodeing introduced via fixing CVE-2021-33844
(Closes: #1032082)
-- Salvatore Bonaccorso <carnil@debian.org> Thu, 16 Mar 2023 21:30:12 +0100
sox (14.4.2+git20190427-2+deb11u1) bullseye-security; urgency=medium
* CVE-2021-23159 CVE-2021-23172 (Closes: #1021133, #1021134)
* CVE-2021-3643 CVE-2021-23210 (Closes: #1010374)
* CVE-2021-33844 (Closes: #1021135)
* CVE-2021-40426 (Closes: #1012138)
* CVE-2022-31650 (Closes: #1012516)
* CVE-2022-31651 (Closes: #1012516)
* All patches taken from Helmut Grohne's uploads to unstable, thanks!
-- Moritz Mühlenhoff <jmm@debian.org> Fri, 17 Feb 2023 17:13:54 +0100
sox (14.4.2+git20190427-2) unstable; urgency=medium
[ Ondřej Nový ]
* Use debhelper-compat instead of debian/compat
[ Dennis Braun ]
* Add patch to fix CVE-2019-13590.
Thanks to Salvatore Bonaccorso. (Closes: #932082)
* d/control:
+ Bump dh-compat to 12
+ Bump Standards-Version to 4.5.0
+ Add me as uploader
+ Set RRR: no
-- Dennis Braun <d_braun@kabelmail.de> Sun, 09 Feb 2020 11:36:08 +0100
sox (14.4.2+git20190427-1) unstable; urgency=medium
* Add patches to fix CVE-2019-8354, CVE-2019-8355, CVE-2019-8356 and
CVE-2019-8357. Thanks to Moritz Muehlenhoff. (Closes: #927906)
-- Tiago Bortoletto Vaz <tiago@debian.org> Sat, 27 Apr 2019 15:57:59 -0400
sox (14.4.2-3) unstable; urgency=medium
* Patch 0005 refreshed. (Closes: #882599)
* Improve english in d/bug-presubj file. (Closes: #882601)
* Bump Standards.
* Use secure uri where possible.
-- Jaromír Mikeš <mira.mikes@seznam.cz> Mon, 18 Dec 2017 14:55:07 +0100
sox (14.4.2-2) unstable; urgency=medium
* Upload to unstable to start transition.
* Add patch to fix CVE-2017-15372. (Closes: #878808)
* Add patch to fix CVE-2017-15642. (Closes: #882144)
* Add patch to fix CVE-2017-11333 in vorbis lib. (Closes: #882236)
-- Jaromír Mikeš <mira.mikes@seznam.cz> Fri, 24 Nov 2017 09:12:48 +0100
sox (14.4.2-1) experimental; urgency=medium
[ Jaromír Mikeš ]
* New upstream version 14.4.2 (Closes: #800344)
* Set compat/dh 10.
* Bump Standards.
* Adopt package.(Closes: #876904)
* Update Homepage to avoid redirecting.
* Update Vcs entry.
* Improve description of dev package.
* Drop unused patches.
* Delete dirs files.
* Simplify install files.
* Simplify rules file.
* Set hardening all.
* Try avoid useless linking.
* Update copyright file.
* Introduce symbols file.
* Bump soname.
* Use secure uri in watch file.
* Introduce postclone.sh script.
* Add patch to fix build.
* Add patch to fix spelling.
* Add patches to fix CVE's.
(Closes: #878809) (Closes: #878810) (Closes: #870328)
* Add gbp.conf.
* Add override_dh_installchangelogs.
* Remove old configure option.
* override_dh_makeshlibs is not needed any more.
* Add 0010-wavpack_check_errors.patch. (Closes: #881145)
* Add bug-presubj file.
* Add man page fixing patch.
* Add xa-validate-channel-count patch. (Closes: #881121)
[ Sebastian Ramacher ]
* Remove shlibs file, symbols file already present
-- Jaromír Mikeš <mira.mikes@seznam.cz> Sun, 19 Nov 2017 12:56:03 +0100
sox (14.4.1-5) unstable; urgency=medium
* Patches to fix memory corruptions on the heap, CVE-2014-8145
(closes: #773720):
+ 0001-Check-for-minimum-size-sphere-headers.patch
+ 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
-- Pascal Giard <pascal@debian.org> Wed, 24 Dec 2014 14:33:55 -0500
# For older changelog entries, run 'apt-get changelog libsox3'
Generated by dwww version 1.14 on Sat Jan 18 04:45:15 CET 2025.