diff -Nru sox-14.4.2+git20190427/debian/changelog sox-14.4.2+git20190427/debian/changelog
--- sox-14.4.2+git20190427/debian/changelog 2023-03-17 15:11:11.000000000 +0000
+++ sox-14.4.2+git20190427/debian/changelog 2023-09-05 16:21:31.000000000 +0000
@@ -1,3 +1,12 @@
+sox (14.4.2+git20190427-2+deb11u2ubuntu0.22.04.1) jammy-security; urgency=medium
+
+ * SECURITY UPDATE: denial of service
+ - debian/patches/CVE-2023-32627.patch: fixed a possible a floating
+ point exception in the read_samples function.
+ - CVE-2023-32627
+
+ -- Allen Huang Tue, 05 Sep 2023 17:21:31 +0100
+
 sox (14.4.2+git20190427-2+deb11u2build0.22.04.1) jammy-security; urgency=medium
 
 * fake sync from Debian
diff -Nru sox-14.4.2+git20190427/debian/control sox-14.4.2+git20190427/debian/control
--- sox-14.4.2+git20190427/debian/control 2023-03-16 20:30:12.000000000 +0000
+++ sox-14.4.2+git20190427/debian/control 2023-09-05 16:21:31.000000000 +0000
@@ -1,7 +1,8 @@
 Source: sox
 Section: sound
 Priority: optional
-Maintainer: Debian Multimedia Maintainers
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Debian Multimedia Maintainers
 Uploaders: Dennis Braun , Jaromír Mikeš
diff -Nru sox-14.4.2+git20190427/debian/patches/CVE-2023-32627.patch sox-14.4.2+git20190427/debian/patches/CVE-2023-32627.patch
--- sox-14.4.2+git20190427/debian/patches/CVE-2023-32627.patch 1970-01-01 00:00:00.000000000 +0000
+++ sox-14.4.2+git20190427/debian/patches/CVE-2023-32627.patch 2023-09-05 16:20:48.000000000 +0000
@@ -0,0 +1,30 @@
+From: =?utf-8?q?Bastien_Roucari=C3=A8s?=
+Date: Sun, 13 Aug 2023 14:14:09 +0000
+Subject: CVE-2023-32627 Filter null sampling rate in VOC coder
+
+Avoid a divide by zero and out of bound read by rejecting null sampling rate in VOC file
+
+bug: https://sourceforge.net/p/sox/bugs/369/
+bug-redhat: https://bugzilla.redhat.com/show_bug.cgi?id=2212282
+bug-debian: https://bugs.debian.org/1041112
+bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2023-32627
+---
+ src/voc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+Index: sox-14.4.2+git20190427/src/voc.c
+===================================================================
+--- sox-14.4.2+git20190427.orig/src/voc.c
++++ sox-14.4.2+git20190427/src/voc.c
+@@ -351,6 +351,11 @@ static size_t read_samples(sox_format_t
+ v->block_remaining = 0;
+ return done;
+ }
++ if(uc == 0) {
++ lsx_fail_errno(ft, EINVAL, "invalid rate value");
++ v->block_remaining = 0;
++ return done;
++ }
+ *buf = SOX_UNSIGNED_8BIT_TO_SAMPLE(uc,);
+ lsx_adpcm_init(&v->adpcm, 6 - v->size, SOX_SAMPLE_TO_SIGNED_16BIT(*buf, ft->clips));
+ ++buf;
diff -Nru sox-14.4.2+git20190427/debian/patches/series sox-14.4.2+git20190427/debian/patches/series
--- sox-14.4.2+git20190427/debian/patches/series 2023-03-16 20:30:12.000000000 +0000
+++ sox-14.4.2+git20190427/debian/patches/series 2023-09-05 16:20:40.000000000 +0000
@@ -26,3 +26,4 @@
 fix-hcom-big-endian.patch
 fix-resource-leak-comments.patch
 fix-resource-leak-hcom.patch
+CVE-2023-32627.patch
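Review bot: The byte rejected by the new `if(uc == 0)` guard in the voc.c hunk is, judging from the two context lines right after it, the one converted by `SOX_UNSIGNED_8BIT_TO_SAMPLE(uc,)` and handed to `lsx_adpcm_init` to seed the ADPCM decoder, so the message "invalid rate value" does not describe what was checked and will mislead anyone triaging a rejected file. The divisor this guard is meant to protect is not visible in the hunk; if it really is this byte, a comment tying the two together would document why a zero here is treated as malformed, e.g. `/* CVE-2023-32627: a zero here is later used as a divisor, reject the block instead */`, and the message should name the field, e.g. `"invalid initial sample in ADPCM block"`. If the divisor is instead derived from a rate byte read elsewhere in the file, the guard belongs at that read, because placed here it rejects well-formed blocks whose first sample happens to be zero while leaving the zero rate itself unchecked. The body of read_samples starts and ends outside the hunk, so the actual division site could not be confirmed from this page. As a point of style, `if(uc == 0)` should read `if (uc == 0)` to match the spacing of the surrounding sox code.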