Debian Package Tracker

From: Emilio Pozuelo Monfort <pochu@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted sox 14.4.1-5+deb8u4 (source amd64) into oldstable
Date: Tue, 28 May 2019 07:20:20 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 10 May 2019 01:08:00 +0200
Source: sox
Binary: sox libsox2 libsox-fmt-base libsox-fmt-alsa libsox-fmt-ao libsox-fmt-mp3 libsox-fmt-oss libsox-fmt-pulse libsox-fmt-all libsox-dev
Architecture: source amd64
Version: 14.4.1-5+deb8u4
Distribution: jessie-security
Urgency: medium
Maintainer: Pascal Giard <pascal@debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Description:
 libsox-dev - Development files for the SoX library
 libsox-fmt-all - All SoX format libraries
 libsox-fmt-alsa - SoX alsa format I/O library
 libsox-fmt-ao - SoX Libao format I/O library
 libsox-fmt-base - Minimal set of SoX format libraries
 libsox-fmt-mp3 - SoX MP2 and MP3 format library
 libsox-fmt-oss - SoX OSS format I/O library
 libsox-fmt-pulse - SoX PulseAudio format I/O library
 libsox2    - SoX library of audio effects and processing
 sox        - Swiss army knife of sound processing
Changes:
 sox (14.4.1-5+deb8u4) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-8354, CVE-2019-8355: buffer overflow in valloc functions.
   * CVE-2019-8356: stack-based buffer overflow in bitrv2().
   * CVE-2019-8357: NULL pointer dereference in lsx_make_lpf().
Checksums-Sha1:
 d1d9740b614fca6b0d354aa9ff45b9ea4210b707 2663 sox_14.4.1-5+deb8u4.dsc
 71f05afc51e3d9b03376b2f98fd452d3a274d595 1111653 sox_14.4.1.orig.tar.gz
 fe06c15a3289e3017471355bc101daa101cb502e 19232 sox_14.4.1-5+deb8u4.debian.tar.xz
 aa0480efcc77ec6c391592f4a038cfb0e0e293ee 173054 sox_14.4.1-5+deb8u4_amd64.deb
 0e2eea064ebe84f2d9e0906c107fd9e250815782 606376 libsox2_14.4.1-5+deb8u4_amd64.deb
 d53a13dea2b76269a0915ca7bf50d06b984e375a 126164 libsox-fmt-base_14.4.1-5+deb8u4_amd64.deb
 cad7b4fd0d660b2e769c9657e8ac8fbe831e89b3 57588 libsox-fmt-alsa_14.4.1-5+deb8u4_amd64.deb
 555e695555e29c5aed202966af72fae3799086c7 49222 libsox-fmt-ao_14.4.1-5+deb8u4_amd64.deb
 230d56aa51e2d550177c68c133e5730abd3b9c5d 71454 libsox-fmt-mp3_14.4.1-5+deb8u4_amd64.deb
 e88544aa1811f40d089a418d2486ef6be2d790ec 49420 libsox-fmt-oss_14.4.1-5+deb8u4_amd64.deb
 fd434945e8aae40e547f86514cefc17e6ed8f29c 49654 libsox-fmt-pulse_14.4.1-5+deb8u4_amd64.deb
 023364a315363c8e9e3fe8ef36ac0cf04384bef3 41854 libsox-fmt-all_14.4.1-5+deb8u4_amd64.deb
 640a7a65f63c05a76fd4ea4367dc26defd0dd4b8 922450 libsox-dev_14.4.1-5+deb8u4_amd64.deb
Checksums-Sha256:
 d314e9d50bb56117334f522c5c21696e603b5ba598f5e0c630dde1493273f6ca 2663 sox_14.4.1-5+deb8u4.dsc
 9a8c2c6fe51e608da346a157e111508a957af9e3ecf3de26781d36e9a67fa89b 1111653 sox_14.4.1.orig.tar.gz
 303f543ea4d0bda9ba864e3a0b940973fd5aea69fe07e7fa0273365bb3cb9119 19232 sox_14.4.1-5+deb8u4.debian.tar.xz
 6752fa583e7d2f6f418be40991e5ebd830f5f6eee2e4a17e1332fe94158e70a6 173054 sox_14.4.1-5+deb8u4_amd64.deb
 b1ecfe59fdbdbba16e7bb420af025b414f2b2f98200205d3b0d6b78750db1d17 606376 libsox2_14.4.1-5+deb8u4_amd64.deb
 dc5423e052215e5b20a45aa152404dab299599c0db1ddb0a9c1033a52a9af0c6 126164 libsox-fmt-base_14.4.1-5+deb8u4_amd64.deb
 217123305e8776d82340bdbeac3a19d1b1e190c40db10502ac6be89726b23d09 57588 libsox-fmt-alsa_14.4.1-5+deb8u4_amd64.deb
 56e01ec1d1b04884667abf667bae5d9eda3c7a16e0e36755832ea09ccd8d0e8a 49222 libsox-fmt-ao_14.4.1-5+deb8u4_amd64.deb
 a92f08dbfea80bf438b1bedc3fe9152283945856fa07ab66dadf36d2013188f1 71454 libsox-fmt-mp3_14.4.1-5+deb8u4_amd64.deb
 562f25878d89dc126174f31bd8871b07a43a665f9a90ab89da58881877a80a5b 49420 libsox-fmt-oss_14.4.1-5+deb8u4_amd64.deb
 9b8ee668f28b3d71114dd2a7fe6b2f3b1f0e5418470ddb889c41b2a648804a95 49654 libsox-fmt-pulse_14.4.1-5+deb8u4_amd64.deb
 d8a425be43dd877d6bb71cfae8fea5223551a70a1ea81d04e79b8189a3594384 41854 libsox-fmt-all_14.4.1-5+deb8u4_amd64.deb
 03bfc5de9eae1e34ca1ecb8de5c8fc8039ca6048aa35eb849383513eea0a1edc 922450 libsox-dev_14.4.1-5+deb8u4_amd64.deb
Files:
 7766f0458a303c9b8cca7935a12e0bc0 2663 sound optional sox_14.4.1-5+deb8u4.dsc
 670307f40763490a2bc0d1f322071e7a 1111653 sound optional sox_14.4.1.orig.tar.gz
 ddb5649ae4bc133012f5a8050e546201 19232 sound optional sox_14.4.1-5+deb8u4.debian.tar.xz
 d282516723a0774b92525de73b43cdec 173054 sound optional sox_14.4.1-5+deb8u4_amd64.deb
 3c7ad1c07198668514d5d8038d3516a4 606376 libs optional libsox2_14.4.1-5+deb8u4_amd64.deb
 948df7bf48117a76c0f61ee964d61a0d 126164 libs optional libsox-fmt-base_14.4.1-5+deb8u4_amd64.deb
 27f63959d6f5622191326ba7713b03d3 57588 libs optional libsox-fmt-alsa_14.4.1-5+deb8u4_amd64.deb
 aad30e683e52ee1e16ba21b16c317cc0 49222 libs optional libsox-fmt-ao_14.4.1-5+deb8u4_amd64.deb
 c6ae84823736e89c997dd2c3553aeed6 71454 libs optional libsox-fmt-mp3_14.4.1-5+deb8u4_amd64.deb
 6af6fee521a30d2227a9c1a0dc4cef84 49420 libs optional libsox-fmt-oss_14.4.1-5+deb8u4_amd64.deb
 4666542231782195a7731323c917de56 49654 libs optional libsox-fmt-pulse_14.4.1-5+deb8u4_amd64.deb
 a9a3ef70549e9a0f46efc640b35aeaab 41854 libs optional libsox-fmt-all_14.4.1-5+deb8u4_amd64.deb
 89bf3ccedd843469b5329c6eec69e921 922450 libdevel optional libsox-dev_14.4.1-5+deb8u4_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlzs3lwACgkQnUbEiOQ2
gwJvwBAAkdRKMCvSGjLfgsteYQBb34r339xV/Bvdi/H7V6oFuC5dql35FhWa9a9I
D2g4BEld9sDfvJRJKEMOO+nYMiotVhrBBcxCNvtbcY6NoazenkyIr1U9wiLPLdNS
ZQQBMCjodftMNqy+XRFK3NzgI44DS5HXa1/M0lsrdsqjzlFy05fSaxlRAnvNqHSt
XV4z4oJeuNdw1EUcdq3guSjPNKG3FuCSn6pQSZ38OJirWyfyjEtZdoijL9w2Qwfl
HnS4NABZ+BKx3mEANLXGVxO2l/jYPBA6fsYrGh4x7nIfvvPLyEsZf7pWPicqfQPr
9wvTm3/rDuNBaGaxiI0Wvdv0ehsHUiIypCm8ZQdh+3Cdi+wPulCXxhe6YNgdlu0A
1i5jhHBVFeOuzm1p2FVdJwHFCsh1uR1nHJAw2s6sz6J+2oGMER/oQ9KP7Zo7IjGy
49fii+ZDA70n2xANDbxzkRJV8vUVL0WOGGQ71LPhiPntDdY40UB9Z/wGQimAoFZG
9c/mu7o8Nzm7MU42qjd/d2ev9ou5/nv3vAdnvHETP5I7jdCSwG6dywF+YgzsCVQE
SnhgI0FgmiDkVEwS+yRom1jtDBpJfdMTCZwDHz/2HIFgwklDF9Eyxej88QZKOujA
aGUpkq/VdPpW1qlxwEx4+Hb7mXmhurTPctjjFDZl7YmoI3+d0Vo=
=uNrt
-----END PGP SIGNATURE-----
News for package sox
