[v3.1] sox: input sanitization errors (CVE-2014-8145)
Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.
•MISC:
http://packetstormsecurity.com/files/129699/SoX-14.4.1-Heap-Buffer-Overflow.html
•MISC: http://www.ocert.org/advisories/ocert-2014-010.html
•BID:71774
•URL: http://www.securityfocus.com/bid/71774
(from redmine: issue id 3826, created on 2015-01-29, closed on 2017-05-17)
- Relations:
- parent #3822
- Changesets:
- Revision 5b072611 by Timo Teräs on 2015-01-30T10:10:07Z:
main/sox: security fix for CVE-2014-8145
fixes #3826
(cherry picked from commit 6285fa299ce16c6502150c257935bfdbc3aaf5d9)
Conflicts:
main/sox/APKBUILD