Mandriva Linux Security Advisory : sox (MDVSA-2015:015)
High Nessus Plugin ID 80434
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated sox packages fix security vulnerability :
The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions start_read() and AdpcmReadBlock(). A specially crafted wav file can be used to trigger the vulnerabilities (CVE-2014-8145).
SolutionUpdate the affected lib64sox-devel, lib64sox2 and / or sox packages.