LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-11-2004, 05:21 AM   #1
Joey.Dale
Member
 
Registered: Jun 2003
Location: Tampa, Fl
Distribution: Gentoo, Slackware
Posts: 828

Rep: Reputation: 30
WARN: sox


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] sox (SSA:2004-223-03)

New sox packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current
to fix buffer overflow security issues that could allow a malicious WAV file
to execute arbitrary code.

Here are the details from the Slackware 10.0 ChangeLog:
+--------------------------+
Sat Aug 7 17:17:20 AKDT 2004
patches/packages/sox-12.17.4-i486-3.tgz: Patched buffer overflows
that could allow a malicious WAV file to execute arbitrary code.
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackwar...7.4-i386-3.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackwar...7.4-i386-3.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackwar...7.4-i486-3.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackwar...7.4-i486-3.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackwar...7.4-i486-3.tgz


MD5 signatures:
+-------------+

Slackware 8.1 package:
08b8e2ba8d34b959c18130bbb44c2fcd sox-12.17.4-i386-3.tgz

Slackware 9.0 package:
3a206a1a0688b4bfd0f464bb40128339 sox-12.17.4-i386-3.tgz

Slackware 9.1 package:
13beadd4d7e48c19af71e3ffb6a0578e sox-12.17.4-i486-3.tgz

Slackware 10.0 package:
71919b40bcb0a6f3fc3c9361e0cdbc6f sox-12.17.4-i486-3.tgz

Slackware -current package:
71919b40bcb0a6f3fc3c9361e0cdbc6f sox-12.17.4-i486-3.tgz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg sox-12.17.4-i486-3.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBGT+makRjwEAQIjMRAn5jAKCCO6CjEtzv0dVsjFyaod+ZhWvA5ACeKdL+
/8beaEKUPQKniEb6oJaP1hk=
=HHVf
-----END PGP SIGNATURE-----
 
Old 08-11-2004, 06:02 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
Slackware site maintains the Security Advisory page that contains more such advisories.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SoX karunesh General 1 08-09-2005 01:07 PM
Cannot install Sox! Sebastian Naitsabes Linux - Software 7 07-14-2005 12:31 PM
The Sox Parade H2O-linux General 4 11-01-2004 08:48 PM
bass boost with sox mtb Linux - Software 2 08-22-2004 04:23 AM
SOX - Save Our X benjaminrtz Linux - General 6 09-01-2002 10:45 PM


All times are GMT -5. The time now is 07:37 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration