-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : sox Version : 14.4.1-5+deb8u1 CVE ID : CVE-2014-8145 Debian Bug : 773720
Mike Salvatore discovered that the fixes for these heap-based buffer overflows had not been properly applied in the Debian package. For Debian 8 "Jessie", this problem has been fixed in version 14.4.1-5+deb8u1. We recommend that you upgrade your sox packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAlxy9uQACgkQiNJCh6LY mLGEiA/+PiAhtxro1VFF3IRpziLFa6ndQ2YgvCFhZStBiLZjmG/RG4NCOjWREQ7M vp81eWwe8Vme4IgtYM+PNFlwzf5SlTYNviVA/XDkdFQl7PqOzPO+A1IEkC7E5fZn HyaCQhzr1SZ+e666Az/5pHX+GNimorrON9wxJqt9Z7/qW97jWM75g8e7zY9rZByd aQ357OP8njiS/iLedxaVHTR7KNYT61DVuH8qz4NZNjbomEmRGbzHpDNqqFnUoGrC i+MuefKXBvbJ7zYsXC+hmUKq7VqzG4OO3yZ7C6igvnPyxt3yIZ3Kfg/vfhP6UUuh ydhPfjAKtpSQ4WvQ/GvFMXIdnw194ax+BopF0nDQhdNPk+UFvPAHgXmK45x5Kg9O CbVFHtIaIrt8gcppYDtLu5l2C0HaiD5gHj8SD1ZhVOXWMFXvBbAmBVQ71jM6jrjw u8VLlFRWfFRRvwKcb55EacsmCtgdDGtxHQDc9XP3nrBHfYuZXsg4mOYHDNrVpwxn 3MvCGZH0iRPCzux9/I4yM7ymF8dFNtG+Gzak6j7ekxPV9ENOMuU/nlwdZfhc3kD9 t+8BcsHnVDZk9LGXiszyrPdHRX9Jkfbx+hvP+MTSnH6s2rcyuVmPBv1s44k/aG3a JJtKdUVMPR0WDA8kvDJCKCgzVNmgOPEu5h9dhcfCiFemfLvGTpQ= =XFuK -----END PGP SIGNATURE-----