Your message dated Sat, 27 Apr 2019 22:04:51 +0000
with message-id <[email protected]>
and subject line Bug#927906: fixed in sox 14.4.2+git20190427-1
has caused the Debian Bug report #927906,
regarding CVE-2019-8354 CVE-2019-8355 CVE-2019-8356 CVE-2019-8357
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
927906: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927906
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: sox
Severity: grave
Tags: security
Please see these links for descriptions and patches:
https://security-tracker.debian.org/tracker/CVE-2019-8354
https://security-tracker.debian.org/tracker/CVE-2019-8355
https://security-tracker.debian.org/tracker/CVE-2019-8356
https://security-tracker.debian.org/tracker/CVE-2019-8357
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: sox
Source-Version: 14.4.2+git20190427-1
We believe that the bug you reported is fixed in the latest version of
sox, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tiago Bortoletto Vaz <[email protected]> (supplier of updated sox package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 27 Apr 2019 15:57:59 -0400
Source: sox
Binary: libsox-dev libsox-fmt-all libsox-fmt-alsa libsox-fmt-alsa-dbgsym
libsox-fmt-ao libsox-fmt-ao-dbgsym libsox-fmt-base libsox-fmt-base-dbgsym
libsox-fmt-mp3 libsox-fmt-mp3-dbgsym libsox-fmt-oss libsox-fmt-oss-dbgsym
libsox-fmt-pulse libsox-fmt-pulse-dbgsym libsox3 libsox3-dbgsym sox sox-dbgsym
Architecture: source amd64
Version: 14.4.2+git20190427-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <[email protected]>
Changed-By: Tiago Bortoletto Vaz <[email protected]>
Description:
libsox-dev - Development files for the SoX library
libsox-fmt-all - All SoX format libraries
libsox-fmt-alsa - SoX alsa format I/O library
libsox-fmt-ao - SoX Libao format I/O library
libsox-fmt-base - Minimal set of SoX format libraries
libsox-fmt-mp3 - SoX MP2 and MP3 format library
libsox-fmt-oss - SoX OSS format I/O library
libsox-fmt-pulse - SoX PulseAudio format I/O library
libsox3 - SoX library of audio effects and processing
sox - Swiss army knife of sound processing
Closes: 927906
Changes:
sox (14.4.2+git20190427-1) unstable; urgency=medium
.
* Add patches to fix CVE-2019-8354, CVE-2019-8355, CVE-2019-8356 and
CVE-2019-8357. Thanks to Moritz Muehlenhoff. (Closes: #927906)
Checksums-Sha1:
3cc439c792a6bf0ec10b0d4d120ab52fe6703144 2783 sox_14.4.2+git20190427-1.dsc
dc9668256b9d81ef25d672f14f12ec026b0b4087 935449
sox_14.4.2+git20190427.orig.tar.bz2
1a9a7643deef699977b45e7f69ac0a175837e8f4 24020
sox_14.4.2+git20190427-1.debian.tar.xz
44e2c0e8ae3f725dbfd4162a24cc186722c1d9ce 365400
libsox-dev_14.4.2+git20190427-1_amd64.deb
81ddedd97f57244e6d6663b7a82b7edcc574bdde 45836
libsox-fmt-all_14.4.2+git20190427-1_amd64.deb
d2a668c2fdd58f416097d9b8c2771e6b9534f45c 15712
libsox-fmt-alsa-dbgsym_14.4.2+git20190427-1_amd64.deb
57d9f787a0cb4df0c77a8edde7c06608ded46740 51236
libsox-fmt-alsa_14.4.2+git20190427-1_amd64.deb
76c79fa60640121ec3c849ccf2588c36b702178a 7688
libsox-fmt-ao-dbgsym_14.4.2+git20190427-1_amd64.deb
e648728f789b2b2d4f494d25a5ee2dc37fdf32db 48148
libsox-fmt-ao_14.4.2+git20190427-1_amd64.deb
2403390e8714273738b87090606647ae65450660 169916
libsox-fmt-base-dbgsym_14.4.2+git20190427-1_amd64.deb
d98a7f27aa5a15aa55edaedcece5cf26c337ee6b 72112
libsox-fmt-base_14.4.2+git20190427-1_amd64.deb
2ad6302491b6d55b37e77148af1407c98832433d 27008
libsox-fmt-mp3-dbgsym_14.4.2+git20190427-1_amd64.deb
495533cc893a1bb8c22808327bc74be487223707 56688
libsox-fmt-mp3_14.4.2+git20190427-1_amd64.deb
7ac585773bca8fa844b2d91b24f650341034c3a3 10368
libsox-fmt-oss-dbgsym_14.4.2+git20190427-1_amd64.deb
2d46f54263e720aad73261747ead49b70dc8cb8e 49712
libsox-fmt-oss_14.4.2+git20190427-1_amd64.deb
e6156b9b3e752067af929e5d82276e2e4bd30d98 7852
libsox-fmt-pulse-dbgsym_14.4.2+git20190427-1_amd64.deb
300c3aed344c1d77e965a76390ec8ec30a1829f0 48024
libsox-fmt-pulse_14.4.2+git20190427-1_amd64.deb
7e9698e4635d2e1b71174ab3846edc84acf2933e 587956
libsox3-dbgsym_14.4.2+git20190427-1_amd64.deb
f4bdc3f22b0bc0e143a818da1db3d1b0828b777c 263656
libsox3_14.4.2+git20190427-1_amd64.deb
503b11af05881a557a85a45306d94216749a4aa5 55756
sox-dbgsym_14.4.2+git20190427-1_amd64.deb
393c5009bc1833c30d4f2ae3297f0b95b0dba253 13171
sox_14.4.2+git20190427-1_amd64.buildinfo
4b729b298b95986c5613cd506635a4daa3c9147b 142108
sox_14.4.2+git20190427-1_amd64.deb
Checksums-Sha256:
da9c024ed6ac6b76b551cba21121a4652405fcde1d3f657f67b6ba8c339b8826 2783
sox_14.4.2+git20190427-1.dsc
81a6956d4330e75b5827316e44ae381e6f1e8928003c6aa45896da9041ea149c 935449
sox_14.4.2+git20190427.orig.tar.bz2
3a05828643ec53cd71a2950684d088e334d9916849f14e7c49655a794698cca0 24020
sox_14.4.2+git20190427-1.debian.tar.xz
c444da7923e4779283beecf3b69c8c7dc563bf4eb3cd7a367539c05eca6afda5 365400
libsox-dev_14.4.2+git20190427-1_amd64.deb
57664ebe1edd27eeff989cd71dabef7e2f785fa5e164f37f9e731535a6bc17d7 45836
libsox-fmt-all_14.4.2+git20190427-1_amd64.deb
a8f4801fe92b70a57e4e16f18689c6d8c7578defc9353e78e037387bf677d3ad 15712
libsox-fmt-alsa-dbgsym_14.4.2+git20190427-1_amd64.deb
79335e006395ff2d1aff1d8753c3cd5e45062d7a51694bd285cdb5b9f280c491 51236
libsox-fmt-alsa_14.4.2+git20190427-1_amd64.deb
8938c3fa00b6be83077a540b07f3f8182159f7c085167a1d8634a8090d0f8e58 7688
libsox-fmt-ao-dbgsym_14.4.2+git20190427-1_amd64.deb
2d12788d4d0f78235fd242eeb6b533e80a456a61a57ea0e874e6ab971979abeb 48148
libsox-fmt-ao_14.4.2+git20190427-1_amd64.deb
5e93df988434b0ff36e603f819dee5edd8460f1636e117c6489c773196bb6f3d 169916
libsox-fmt-base-dbgsym_14.4.2+git20190427-1_amd64.deb
621a28040b54363a30bc3a884ea934f12a3a764d0e0d065eb8416c4a5c3a2464 72112
libsox-fmt-base_14.4.2+git20190427-1_amd64.deb
21fe80832944a480131caf1507d4666997423de528d4892fd5b3bd0731a0311c 27008
libsox-fmt-mp3-dbgsym_14.4.2+git20190427-1_amd64.deb
12a3e9138046bee9753be753f5944e97ed3ffcc0a2fb3e99b127273daf8b0c52 56688
libsox-fmt-mp3_14.4.2+git20190427-1_amd64.deb
f39142d04918ea8ffccbc696f5237fee99aac0b4f918176ddf8a3946cbd3555e 10368
libsox-fmt-oss-dbgsym_14.4.2+git20190427-1_amd64.deb
4dbddef77e28af3db372ddca455b413b35f26dfc50b97eae7b091863c55b9f31 49712
libsox-fmt-oss_14.4.2+git20190427-1_amd64.deb
01b0a3981676038f2b07356ba435bb3d594b101d7a9f307aa068d1246d8ce5fa 7852
libsox-fmt-pulse-dbgsym_14.4.2+git20190427-1_amd64.deb
bd1283d25b7627c8facbfb8efc64a14e4441a2cfa6aaa285e7b2df9337779eb1 48024
libsox-fmt-pulse_14.4.2+git20190427-1_amd64.deb
0ab728630cc913afb8e24dd6202e1eb78a372d4396646bda41a6e0f496dd5644 587956
libsox3-dbgsym_14.4.2+git20190427-1_amd64.deb
1b4a4e64c06d0f02995a62c0765848f30d8a7865def2c7437bdbb153dcdeddd8 263656
libsox3_14.4.2+git20190427-1_amd64.deb
65503a06f898ed90f5b6b81ea2769b22f0a2f44e83ea725e16342d18edde9312 55756
sox-dbgsym_14.4.2+git20190427-1_amd64.deb
bcaf0ba893c60d917a67afc524445924753e31687b8095c8c5da8dcc811cc7b1 13171
sox_14.4.2+git20190427-1_amd64.buildinfo
d34cde5e96f9505ed1dfca2597b121ce37e62df69b1a0403b2b77b85d5556c1a 142108
sox_14.4.2+git20190427-1_amd64.deb
Files:
c128d14bf44be46ff917d81395dca886 2783 sound optional
sox_14.4.2+git20190427-1.dsc
ba804bb1ce5c71dd484a102a5b27d0dd 935449 sound optional
sox_14.4.2+git20190427.orig.tar.bz2
ab65d29884f150ec51adb8723e9e3051 24020 sound optional
sox_14.4.2+git20190427-1.debian.tar.xz
aa34a3fc9970f2f96513493bbfe856e9 365400 libdevel optional
libsox-dev_14.4.2+git20190427-1_amd64.deb
f4bfb4c1a05aa8831e16090864c7369a 45836 libs optional
libsox-fmt-all_14.4.2+git20190427-1_amd64.deb
adc132ea0d561a5849d8dc5a566e5684 15712 debug optional
libsox-fmt-alsa-dbgsym_14.4.2+git20190427-1_amd64.deb
b57242c65839d68c686fbd5609dc2dbd 51236 libs optional
libsox-fmt-alsa_14.4.2+git20190427-1_amd64.deb
8f43b94c6c39b9b6d645f90a2be24cb2 7688 debug optional
libsox-fmt-ao-dbgsym_14.4.2+git20190427-1_amd64.deb
5de7e59ba62b19c19670e9809a97f45b 48148 libs optional
libsox-fmt-ao_14.4.2+git20190427-1_amd64.deb
6ee2744908f6abf40ecb708282b7c761 169916 debug optional
libsox-fmt-base-dbgsym_14.4.2+git20190427-1_amd64.deb
ca66635f6ba79a71d293a6b74bb2c35d 72112 libs optional
libsox-fmt-base_14.4.2+git20190427-1_amd64.deb
55e6061ad9af300dd5d62d667ba5c2b0 27008 debug optional
libsox-fmt-mp3-dbgsym_14.4.2+git20190427-1_amd64.deb
9631c8e5fb25ef6ac029b4586349162b 56688 libs optional
libsox-fmt-mp3_14.4.2+git20190427-1_amd64.deb
ca0a22b4aa48a3f5488cbfa599f1ebad 10368 debug optional
libsox-fmt-oss-dbgsym_14.4.2+git20190427-1_amd64.deb
ca19d6796602968c161633bfd7992d93 49712 libs optional
libsox-fmt-oss_14.4.2+git20190427-1_amd64.deb
da94b1730a847a04cd85343998dfbb91 7852 debug optional
libsox-fmt-pulse-dbgsym_14.4.2+git20190427-1_amd64.deb
bdfd3ac81cbe3544ab5bbcc808cf931e 48024 libs optional
libsox-fmt-pulse_14.4.2+git20190427-1_amd64.deb
c77dded7c4d0105c0826354065b9970d 587956 debug optional
libsox3-dbgsym_14.4.2+git20190427-1_amd64.deb
4aaff37845d865a4282fea950bc1375c 263656 libs optional
libsox3_14.4.2+git20190427-1_amd64.deb
eb61ae4324ea7ab36c32a73675a8072b 55756 debug optional
sox-dbgsym_14.4.2+git20190427-1_amd64.deb
05ffa1b67a5d0d5084266b897210a9ba 13171 sound optional
sox_14.4.2+git20190427-1_amd64.buildinfo
c6f3afca1a311a5a7e22b9159e22e17e 142108 sound optional
sox_14.4.2+git20190427-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEYsAXsSqWkZu7etRd2EdHrOS2gT0FAlzEzgcACgkQ2EdHrOS2
gT0wSw/7BBCF11fPavO72EHzJqRRRhJd1AkEd/6mLqKiEguQrvHuYaHiZG1Xp1ML
iDHRFUkG1ULOIzZ2VdfD/5jCNCLeaz08TYA0yHPP1+KIap3xhRFGHziiZLiT/CvY
MArm5W48ZUrFaVZbUoGTVhOcDZ2orIMyN6KNjI00m5OuTERb1lbGG/aLk3F0g5Wg
cpPTnRf+CnDkaIXMkTh1Tiiv8fvJKACbhBdsEKbx8/ppC2MWbiRI82QLGAaRIisE
Nde0xfcGVDT8haCbMRYDo7tCSIJdXvvRR6nCnsaCwIeOtGjE8/nOAoHeFK7w5Ob2
NxB8b6NaCet5TDwWBhLp1XHvMGLs9RkrKMJ5WTWSC2AmRpdGOiLdDXbdpP9cg4+Y
2GISmWUjKw9N3+3zwQi2X/1Ic5P7XTln16REvH2gonhySqlmCCfUyfb0xHlZWZHv
Hg1KjIyaVFI6FWTmE+r2wcFPdpuliGKmRzC4Gru1SX89c5qM3QUN0apRuiN4p2iO
wrSla7atcdLmLryE0kJFa4ZVVbzpjDfWGNHsTtU8oN9qz5NBJyB7fq0jlqxgRW5S
0OfXRpntrKXZAjCMw6aR2FmQqb4jyeCwlpd50s9D1IdlqdHLCbeSJQ5Z68R9ehAF
KWy8yRAx51lFNHnRoNRkKX4NNdWtb+OEq95J/uMsIX10wAiGmZc=
=lwDg
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
pkg-multimedia-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
