Amazon Linux 2 Security Advisory: ALAS-2019-1352
Advisory Release Date: 2019-11-04 22:27 Pacific
Advisory Updated Date: 2019-11-07 00:31 Pacific
Severity:
Low
References:
CVE-2017-18189
Issue Overview:
A NULL pointer dereference flaw found in the way SoX handled processing of AIFF files. An attacker could potentially use this flaw to crash the SoX application by tricking it into processing crafted AIFF files.(CVE-2017-18189)
Affected Packages:
sox
Issue Correction:
Run yum update sox to update your system.
New Packages:
aarch64:
sox-14.4.1-7.amzn2.aarch64
sox-devel-14.4.1-7.amzn2.aarch64
sox-debuginfo-14.4.1-7.amzn2.aarch64
i686:
sox-14.4.1-7.amzn2.i686
sox-devel-14.4.1-7.amzn2.i686
sox-debuginfo-14.4.1-7.amzn2.i686
src:
sox-14.4.1-7.amzn2.src
x86_64:
sox-14.4.1-7.amzn2.x86_64
sox-devel-14.4.1-7.amzn2.x86_64
sox-debuginfo-14.4.1-7.amzn2.x86_64