Debian 10267 Published by

A sox security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a divide by zero vulnerability.



ELA-918-1 sox security update

Package : sox
Version : 14.4.1-5+deb8u7 (jessie), 14.4.1-5+deb9u5 (stretch)

Related CVEs :
CVE-2023-32627

SoX is a command line utility that can convert various formats of computer audio files in to other formats. It can also apply various effects to these sound files during the conversion.
Sox was vulnerable to divide by zero vulnerability by reading an specialy crafted Creative Voice File (.voc) file, in the read_samples function. This flaw can lead to a denial of service.

ELA-918-1 sox security update