Multiple vulnerabilities have been found in SoX, the worst of which may lead to a Denial of Service condition.
|Package||media-sound/sox on all architectures|
|Affected versions||< 14.4.2-r1|
|Unaffected versions||>= 14.4.2-r1|
SoX is a command line utility that can convert various formats of computer audio files in to other formats.
Multiple vulnerabilities have been discovered in SoX. Please review the referenced CVE identifiers for details.
A remote attacker, by enticing a user to process a crafted WAV, HCOM, SND, or AIFF file, could cause a Denial of Service condition.
There is no known workaround at this time.
All SoX users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-sound/sox-14.4.2-r1"