[meta-multimedia,12/12] sox: mark CVE-2023-34432 as patched

Message ID	20250316225358.2816208-12-peter.marko@siemens.com
State	Accepted
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.64.227, mailfrom: fm-256628-202503162255391ed72cc8346724bb2c-a0vd6y@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-devel@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com> Subject: [meta-multimedia][PATCH 12/12] sox: mark CVE-2023-34432 as patched Date: Sun, 16 Mar 2025 23:53:58 +0100 Message-Id: <20250316225358.2816208-12-peter.marko@siemens.com> In-Reply-To: <20250316225358.2816208-1-peter.marko@siemens.com> References: <20250316225358.2816208-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	[meta-multimedia,01/12] sox: extend CVE_PRODUCT \| expand [meta-multimedia,01/12] sox: extend CVE_PRODUCT [meta-multimedia,02/12] sox: build from git [meta-multimedia,03/12] sox: update to latest git hash [meta-multimedia,04/12] sox: mark CVEs included in hash update as fixed [meta-multimedia,05/12] sox: patch CVE-2021-3643 and CVE-2021-23210 [meta-multimedia,06/12] sox: patch CVE-2021-23159 and CVE-2021-2317 [meta-multimedia,07/12] sox: patch CVE-2021-33844 [meta-multimedia,08/12] sox: patch CVE-2021-40426 [meta-multimedia,09/12] sox: patch CVE-2022-31650 [meta-multimedia,10/12] sox: patch CVE-2022-31651 [meta-multimedia,11/12] sox: patch CVE-2023-32627 [meta-multimedia,12/12] sox: mark CVE-2023-34432 as patched

Message ID

20250316225358.2816208-12-peter.marko@siemens.com

State

Accepted

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-devel@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>
Subject: [meta-multimedia][PATCH 12/12] sox: mark CVE-2023-34432 as patched
Date: Sun, 16 Mar 2025 23:53:58 +0100
Message-Id: <20250316225358.2816208-12-peter.marko@siemens.com>
In-Reply-To: <20250316225358.2816208-1-peter.marko@siemens.com>
References: <20250316225358.2816208-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

[meta-multimedia,01/12] sox: extend CVE_PRODUCT | expand

Commit Message

Peter Marko March 16, 2025, 10:53 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

Patch for CVE-2021-23159 fixes also this CVE.
Stated by:
* https://security-tracker.debian.org/tracker/CVE-2023-34432
* https://sourceforge.net/p/sox/bugs/367/

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 .../sox/sox/CVE-2021-23159_CVE-2021-2317.patch                   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2021-23159_CVE-2021-2317.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2021-23159_CVE-2021-2317.patch
index 472e4bac60..df27cbcd65 100644
--- a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2021-23159_CVE-2021-2317.patch
+++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2021-23159_CVE-2021-2317.patch
@@ -7,6 +7,7 @@  Source: https://salsa.debian.org/lts-team/packages/sox/-/blob/debian/14.4.2+git2
 
 CVE: CVE-2021-23159
 CVE: CVE-2021-23172
+CVE: CVE-2023-34432
 Upstream-Status: Inactive-Upstream [lastrelease: 2015]
 Signed-off-by: Peter Marko <peter.marko@siemens.com>
 ---