AXSA:2019-4121:01

リリース日: 
2019/08/20 Tuesday - 01:55
題名: 
sox-14.4.1-7.el7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
Low
Description: 

SoX (Sound eXchange) is a sound file format converter. SoX can convert between many different digitized sound formats and perform simple sound manipulation functions, including sound effects.

Security Fix(es):

* sox: NULL pointer dereference in startread function in xa.c (CVE-2017-18189)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 7.7 Release Notes linked from the References section.

CVE-2017-18189
In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

解決策: 

Update packages.

追加情報: 

N/A

ダウンロード: 

SRPMS
1. sox-14.4.1-7.el7.src.rpm
md5sum: fbf5934dddff7b0749900dbdc2a60294
sha256sum: 768d8de90579144eeb3bd24eb940dcbd890d984abf4f9aaf4ec275942b6fc069
Size: 1,045 Kb

Asianux Server 7.0 for x86_64
1. sox-14.4.1-7.el7.x86_64.rpm
md5sum: 2ad53166d0797fbd203d17feca26ff0a
sha256sum: 656b5a30c043c2cc855f858dfbaa379267c4208bf411456ce04e3cd3c8a91575
Size: 397 Kb
2. sox-14.4.1-7.el7.i686.rpm
md5sum: 85171ace1a3b4dda8c46e9a49f5fc7cc
sha256sum: 029f6a04c10f313c56b473f0dee5b91020e1dca7a8885753a11cfef3def3226c
Size: 401 Kb
Copyright© 2007-2015 Asianux. All rights reserved.