Ubuntu
sox package

Change logs for sox source package in Lunar

Lunar (23.04)
Change log

sox (14.4.2+git20190427-3.4ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2023-32627.patch: fixed a possible floating
      point exception in the read_samples function.
    - CVE-2023-32627

 -- Allen Huang <email address hidden>  Wed, 06 Sep 2023 13:02:21 +0100

sox (14.4.2+git20190427-3.4ubuntu1) lunar; urgency=medium

  * SECURITY REGRESSION: Denial of Service
    - debian/patches/CVE-2021-33844.patch: fixed regression in wav-gsm
      decodeing introduced via fixing CVE-2021-33844.
    - CVE-2021-33844

 -- Amir Naseredini <email address hidden>  Fri, 17 Mar 2023 17:06:32 +0000

sox (14.4.2+git20190427-3.4) unstable; urgency=medium

  * Non-maintainer upload.
  * Ignore test failure on all mipsen (Addresses: #1030674)

 -- Helmut Grohne <email address hidden>  Tue, 07 Feb 2023 22:21:09 +0100

sox (14.4.2+git20190427-3.3) unstable; urgency=medium

  * Non-maintainer upload.
  * Ignore test failure on mips64el (Addresses: #1030674)

 -- Helmut Grohne <email address hidden>  Mon, 06 Feb 2023 13:02:25 +0100

sox (14.4.2+git20190427-3.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Drop the CVE-unasssigned patch together with my own unnecessary change
    introducing the vulnerability: The buffer is overallocated by 16-1 bytes
    already and we don't overflow if we don't add to it.
  * Replace CVE-2017-11358 patch with the non-broken one from upstream
  * Fix big endian 64bit FTBFS: Import upstream patch to fix hcom writing
  * Improve CVE-2021-23159 patch to also reject empty dictionaries.
    The incomplete fix would allow an out-of-bounds read.
  * Improve CVE-2021-3643 patch to also reject word width 1.
    The incomplete fix would allow an out-of-bounds read.

 -- Helmut Grohne <email address hidden>  Sun, 05 Feb 2023 13:13:59 +0100

sox (14.4.2+git20190427-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix some resource leaks.
  * Fix regression in hcom reader introduced via CVE-2017-11358. (Closes:
    #933372)
  * Enable test suite.
  * Fix CVE-2021-3643 and CVE-2021-23210: voc validation (Closes: #1010374)
  * Fix CVE-2021-23159 and CVE-2021-23172: hcom validation
    (Closes: #1021133, #1021134)
  * Fix CVE-2021-33844: wav validation (Closes: #1021135)
  * Fix CVE-2021-40426: sphere validation (Closes: #1012138)
  * Fix CVE-2022-31650: aiff validation (Closes: #1012516)
  * Fix CVE-2022-31651: reject implausible rate (Closes: #1012516)
  * Fix CVE-unasssigned: integer overflow
  * Silence dh_missing
  * Add an autopkgtest

 -- Helmut Grohne <email address hidden>  Fri, 03 Feb 2023 10:21:33 +0100

sox (14.4.2+git20190427-3build1) lunar; urgency=medium

  * No-change rebuild against libflac++10 & libflac12.

 -- Rik Mills <email address hidden>  Tue, 29 Nov 2022 17:27:54 +0000

sox (14.4.2+git20190427-3) unstable; urgency=medium

  * Team upload

  [ Debian Janitor ]
  * Drop no longer supported add-log-mailing-address setting from
    debian/changelog.
  * Fix day-of-week for changelog entries 12.16-1, 12.14-1, 11gamma-cb3-
    5, 11gamma-cb3-4.

  [ Sebastian Ramacher ]
  * debian/control:
    - Bump Standards-Version
    - Replace libltdl3-dev with libltdl-dev

 -- Sebastian Ramacher <email address hidden>  Wed, 06 Apr 2022 10:10:57 +0200

Ubuntusox package

Change logs for sox source package in Lunar

Ubuntu
sox package