Mageia alert MGASA-2018-0211 (sox)
| From: | Mageia Updates <buildsystem-daemon@mageia.org> |
| To: | updates-announce@ml.mageia.org |
| Subject: | [updates-announce] MGASA-2018-0211: Updated sox packages fix security vulnerabilities |
| Date: | Mon, 30 Apr 2018 21:08:45 +0200 |
| Message-ID: | <20180430190845.33ADFA0060@duvel.mageia.org> |
MGASA-2018-0211 - Updated sox packages fix security vulnerabilities

Publication date: 30 Apr 2018
URL: https://advisories.mageia.org/MGASA-2018-0211.html
Type: security
Affected Mageia releases: 5, 6
CVE: CVE-2017-11332, CVE-2017-11358, CVE-2017-11359, CVE-2017-15372, CVE-2017-15642, CVE-2017-18189

Description:

This update for sox fixes the following security issues:

* CVE-2017-11332: Fixed the startread function in wav.c, which allowed remote attackers to cause a DoS (divide-by-zero) via a crafted wav file.
* CVE-2017-11358: Fixed the read_samples function in hcom.c, which allowed remote attackers to cause a DoS (invalid memory read) via a crafted hcom file.
* CVE-2017-11359: Fixed the wavwritehdr function in wav.c, which allowed remote attackers to cause a DoS (divide-by-zero) when converting a crafted snd file to a wav file.
* CVE-2017-15372: Fixed a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c, which allowed remote attackers to cause a DoS during conversion of a crafted audio file.
* CVE-2017-15642: Fixed a use-after-free vulnerability in lsx_aiffstartread in aiff.c, which could be triggered by an attacker by providing a malformed AIFF file.
* CVE-2017-18189: In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial of service.

References:
- https://bugs.mageia.org/show_bug.cgi?id=22615
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1...

SRPMS:
- 6/core/sox-14.4.2-7.3.mga6
- 5/core/sox-14.4.1-6.3.mga5
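Several of the issues above share one shape: a header field read from the file (channel count, block size) is used as a divisor or loop bound before anyone checks it is non-zero, so a corrupt header turns into a divide-by-zero, an infinite loop or an out-of-bounds read. The following is an added illustration of the defensive check that closes that class of bug; it is example code written for this page, not sox's own code, and the canonical 44-byte RIFF/WAVE layout it parses, the helper names, and the constructed sample headers are assumptions rather than anything taken from the advisory.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Fields read from a canonical 44-byte RIFF/WAVE header (assumed layout). */
struct wav_info {
    uint16_t channels;
    uint32_t sample_rate;
    uint16_t block_align;
    uint16_t bits_per_sample;
    uint32_t data_bytes;
    uint32_t frames;   /* data_bytes / block_align, computed only after validation */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Parse and validate a header. Returns 0 on success, -1 if the buffer is
 * truncated or any field would later be an unsafe divisor or loop bound. */
int parse_wav_header(const uint8_t *buf, size_t len, struct wav_info *out)
{
    if (len < 44) return -1;                                   /* truncated header */
    if (memcmp(buf, "RIFF", 4) != 0 || memcmp(buf + 8, "WAVE", 4) != 0) return -1;
    if (memcmp(buf + 12, "fmt ", 4) != 0 || memcmp(buf + 36, "data", 4) != 0) return -1;

    struct wav_info w;
    w.channels        = rd16(buf + 22);
    w.sample_rate     = rd32(buf + 24);
    w.block_align     = rd16(buf + 32);
    w.bits_per_sample = rd16(buf + 34);
    w.data_bytes      = rd32(buf + 40);

    /* Reject zero values before they reach a division or a loop condition. */
    if (w.channels == 0 || w.sample_rate == 0 || w.bits_per_sample == 0) return -1;
    if (w.block_align == 0) return -1;
    /* Cross-check: block_align must equal channels * bytes per sample. */
    if (w.block_align != w.channels * ((w.bits_per_sample + 7) / 8)) return -1;
    /* The declared data length must not exceed what the buffer actually holds. */
    if (w.data_bytes > len - 44) return -1;

    w.frames = w.data_bytes / w.block_align;                   /* safe: block_align > 0 */
    *out = w;
    return 0;
}

static void wr16(uint8_t *p, uint16_t v) { p[0] = v & 0xff; p[1] = v >> 8; }
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Constructed sample input: canonical header followed by zeroed PCM data.
 * buf must hold 44 + data_bytes bytes. Returns the total length written. */
static size_t make_wav(uint8_t *buf, uint16_t channels, uint32_t rate, uint16_t bps, uint32_t data_bytes)
{
    uint16_t block_align = (uint16_t)(channels * ((bps + 7) / 8));
    memset(buf, 0, 44 + data_bytes);
    memcpy(buf, "RIFF", 4);      wr32(buf + 4, 36 + data_bytes);
    memcpy(buf + 8, "WAVE", 4);
    memcpy(buf + 12, "fmt ", 4); wr32(buf + 16, 16);
    wr16(buf + 20, 1);           /* PCM */
    wr16(buf + 22, channels);
    wr32(buf + 24, rate);
    wr32(buf + 28, rate * block_align);
    wr16(buf + 32, block_align);
    wr16(buf + 34, bps);
    memcpy(buf + 36, "data", 4); wr32(buf + 40, data_bytes);
    return 44 + data_bytes;
}

/* Well-formed stereo 16-bit header with 8 data bytes: 2 frames. */
int demo_valid_frames(void)
{
    uint8_t buf[64]; struct wav_info w;
    size_t n = make_wav(buf, 2, 44100, 16, 8);
    return parse_wav_header(buf, n, &w) == 0 ? (int)w.frames : -1;
}

/* Header claiming zero channels (so block_align is also 0): must be rejected,
 * not fed into a division or a per-channel loop. */
int demo_zero_channels(void)
{
    uint8_t buf[64]; struct wav_info w;
    size_t n = make_wav(buf, 0, 44100, 16, 8);
    return parse_wav_header(buf, n, &w);
}

/* Header whose declared data size exceeds the buffer: must be rejected. */
int demo_oversized_data(void)
{
    uint8_t buf[64]; struct wav_info w;
    size_t n = make_wav(buf, 2, 44100, 16, 8);
    wr32(buf + 40, 1000);        /* lie about the data length */
    return parse_wav_header(buf, n, &w);
}

int main(void)
{
    printf("valid header frames:   %d\n", demo_valid_frames());
    printf("zero-channel header:   %d\n", demo_zero_channels());
    printf("oversized data header: %d\n", demo_oversized_data());
    return 0;
}
```

The point of the check order is that every field is validated, and cross-checked against the others, before it is used in arithmetic; a decoder that computes `data_bytes / block_align` or iterates `for (c = 0; c < channels; ...)` on raw header values is exactly where the divide-by-zero and zero-channel cases above originate.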
