It was discovered that SoX incorrectly handled certain MP3 files. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-8354, CVE-2019-8355, CVE-2019-8356, CVE-2019-8357)
{ "binaries": [ { "binary_name": "libsox-dev", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-all", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-alsa", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-alsa-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-ao", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-ao-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-base", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-base-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-mp3", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-mp3-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-oss", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-oss-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-pulse", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox-fmt-pulse-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox2", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "libsox2-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "sox", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" }, { "binary_name": "sox-dbgsym", "binary_version": "14.4.1-5+deb8u4ubuntu0.1" } ], "availability": "No subscription required" }