SoX: Multiple vulnerabilities Multiple vulnerabilities have been found in SoX, the worst of which may lead to a Denial of Service condition. sox 2018-10-06 2018-10-06 626702 627570 634450 634814 remote 14.4.2-r1 14.4.2-r1

SoX is a command line utility that can convert various formats of computer audio files in to other formats.

Multiple vulnerabilities have been discovered in SoX. Please review the referenced CVE identifiers for details.

A remote attacker, by enticing a user to process a crafted WAV, HCOM, SND, or AIFF file, could cause a Denial of Service condition.

There is no known workaround at this time.

All SoX users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=media-sound/sox-14.4.2-r1" CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642 BlueKnight irishluck83