sox_ng wiki - Distro-OpenSUSE
OpenSUSE carries 14.4.2 with 19 CVE patches.
All have been applied to sox_ng.
| Patch | Issue |
|---|---|
| CVE-2017-11332: Fixed the startread function in wav.c | #7 |
| CVE-2017-11358: Fixed the read_samples function in hcom.c | #8 |
| CVE-2017-11359: Fixed the wavwritehdr function | #9 |
| CVE-2017-15370: Fixed a heap-based buffer overflow | #16 |
| CVE-2017-15371: Fixed an assertion abort | #11 |
| CVE-2017-15372: Fixed a stack-based buffer overflow | #12 |
| CVE-2017-15642: Fixed an Use-After-Free vulnerability | #13 |
| CVE-2017-18189: Fixed a NULL pointer dereference | #14 |
| CVE-2022-31650 | #28 |
| CVE-2023-34318 | #32 |
| CVE-2023-34432 | #33 |
| CVE-2019-13590 | #20 |
| CVE-2021-3643 | #22 |
| CVE-2021-23159 | #24 |
| CVE-2021-33844 | #26 |
| CVE-2021-40426 | #27 |
| CVE-2022-31650 | #28 |
| CVE-2022-31651 | #29 |
| CVE-2023-32627: Fix floating point exception in src/voc.c | #31 |