Bug#878809: closed by Jaromír Mikeš <mira.mikes at seznam.cz> (Bug#878809: fixed in sox 14.4.2-1)
carnil at debian.org
Mon Nov 20 05:58:41 UTC 2017
On Sun, Nov 19, 2017 at 10:23:01PM +0100, Jaromír Mikeš wrote:
> 2017-11-19 21:11 GMT+01:00 Salvatore Bonaccorso <carnil at debian.org>:
> > Control: reopen -1
> > Control: found -1 14.4.1-5
> > Control: found -1 14.4.2-1
> > Control: tags -1 + moreinfo
> > Hi Jaromir,
> > Are you sure #878809 is yet fixed?
> > With the patches applied on top of 14.4.2 we see still that sox aborts
> > with:
> > $ ./sox-14.4.2/src/sox 03-abort out.wav
> > sox: formats.c:227: sox_append_comment: Assertion `comment' failed.
> > Aborted
> > So the assertion is still reachable, so at least
> > 0005-CVE-2017-15371.patch did not solve the problem?
> > What am I missing here? Note, I'm just reopening the bug as
> > safetymeasure to double-check. If I turn to be wrong (likely) we can
> > reclose it, but I wanted to be sure.
> Hi Salvatore,
> can you provide some more details please. Upstream developers claims that
> issue should be solved
> by 0005-CVE-2017-15371.patch
sure, but all I have is basically the above with the poc attached in
the initial message. But I just reverified and I got probably an error
in my initial retest.
The assertion is not reached anymore with the experimental version:
$ sox --version
sox: SoX v14.4.2
$ sox 03-abort out.vaw
sox FAIL formats: can't open input file `03-abort': FLAC ERROR whilst decoding metadata
More information about the pkg-multimedia-maintainers