Source: sox
Version: 14.4.2+git20190427-3
Severity: important
Tags: security upstream
Forwarded: https://sourceforge.net/p/sox/bugs/351/
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerabilities were published for sox.

CVE-2021-3643[0]:
| buffer overflow read vulnerability

CVE-2021-23210[1]:
| divide by zero in voc.c

Note the respective Red Hat Bugzilla entries contain little more
information on the connection of the both.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-3643
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3643
    https://bugzilla.redhat.com/show_bug.cgi?id=1980626
[1] https://security-tracker.debian.org/tracker/CVE-2021-23210
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23210
    https://bugzilla.redhat.com/show_bug.cgi?id=1975670
[2] https://sourceforge.net/p/sox/bugs/351/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore