Bug 31753

Summary: sox regression fix for CVE-2021-33844 patch
Product: Mageia Reporter: David Walser <luigiwalser>
Component: RPM PackagesAssignee: David GEIGER <geiger.david68210>
Status: NEW --- QA Contact:
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: sox-14.4.3-0.git20200117.3.2.mga8.src.rpm CVE:
Status comment:
Bug Depends on: 31673    
Bug Blocks:    

Description David Walser 2023-04-04 21:19:14 CEST 
+++ This bug was initially created as a clone of Bug #31673 +++

In Bug 30291, we fixed a CVE with a buggy patch from Debian.  A fixed version of the patch has been posted here:
https://www.openwall.com/lists/oss-security/2023/03/14/7

* Update *

Some more fixes have been discussed in this thread:
https://www.openwall.com/lists/oss-security/2023/03/31/2

It doesn't sound like the remaining issues are that serious, unless I'm misreading, but we should at least update the patch in Cauldron.