sox security update

2019-08-30T04:21:10
ID CESA-2019:2283
Type centos
Reporter CentOS Project
Modified 2019-08-30T04:21:10

Description

CentOS Errata and Security Advisory CESA-2019:2283

SoX (Sound eXchange) is a sound file format converter. SoX can convert between many different digitized sound formats and perform simple sound manipulation functions, including sound effects.

Security Fix(es):

  • sox: NULL pointer dereference in startread function in xa.c (CVE-2017-18189)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-cr-announce/2019-August/006140.html

Affected packages: sox sox-devel

Upstream details at: