libsox-fmt-mp3 - SoX MP2 and MP3 format library

Property Value
Distribution Ubuntu 18.04 LTS (Bionic Beaver)
Repository Ubuntu Updates Universe amd64
Package filename libsox-fmt-mp3_14.4.2-3ubuntu0.18.04.1_amd64.deb
Package name libsox-fmt-mp3
Package version 14.4.2
Package release 3ubuntu0.18.04.1
Package architecture amd64
Package type deb
Category universe/sound
License -
Maintainer Ubuntu Developers <>
Download size 15.49 KB
Installed size 70.00 KB
SoX is the swiss army knife of sound processing.
This package contains the SoX MP2 and MP3 format library.
Read support by libmad. MP2 and MP3 write support by libtwolame and
libmp3lame respectively.


Package Version Architecture Repository
libsox-fmt-mp3_14.4.2-3ubuntu0.18.04.1_i386.deb 14.4.2 i386 Ubuntu Updates Universe
libsox-fmt-mp3_14.4.2-3_i386.deb 14.4.2 i386 Ubuntu Universe
libsox-fmt-mp3_14.4.2-3_amd64.deb 14.4.2 amd64 Ubuntu Universe
libsox-fmt-mp3 - - -


Name Value
libc6 >= 2.14
libid3tag0 >= 0.15.1b
libmad0 >= 0.15.1b-3
libmp3lame0 >= 3.100
libsox3 >= 14.4.2~
libtwolame0 >= 0.3.10


Type URL
Binary Package libsox-fmt-mp3_14.4.2-3ubuntu0.18.04.1_amd64.deb
Source Package sox

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install libsox-fmt-mp3 deb package:
    # sudo apt-get install libsox-fmt-mp3


2019-08-01 - Eduardo Barretto <>
sox (14.4.2-3ubuntu0.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: Integer overflow on the result of multiplication fed into
- debian/patches/CVE-2019-8354.patch: fix possible buffer size overflow in
- CVE-2019-8354
* SECURITY UPDATE: Integer overflow on the result of multiplication fed into
lsx_valloc macro that wraps malloc.
- debian/patches/CVE-2019-8355.patch: fix possible overflow in
lsx_(re)valloc() size calculation
- CVE-2019-8355
* SECURITY UPDATE: Stack-based buffer overflow can lead to write access
outside of the statically declared array.
- debian/patches/CVE-2019-8356.patch: fft4g bail if size too large.
- CVE-2019-8356
* SECURITY UPDATE: NULL pointer deference in lsx_make_lpf.
- debian/patches/CVE-2019-8357.patch: fix possible null pointer deref in
- CVE-2019-8357
2017-12-18 - Jaromír Mikeš <>
sox (14.4.2-3) unstable; urgency=medium
* Patch 0005 refreshed. (Closes: #882599)
* Improve english in d/bug-presubj file. (Closes: #882601)
* Bump Standards.
* Use secure uri where possible.
2017-11-24 - Jaromír Mikeš <>
sox (14.4.2-2) unstable; urgency=medium
* Upload to unstable to start transition.
* Add patch to fix CVE-2017-15372. (Closes: #878808)
* Add patch to fix CVE-2017-15642. (Closes: #882144)
* Add patch to fix CVE-2017-11333 in vorbis lib. (Closes: #882236)
2017-11-19 - Jaromír Mikeš <>
sox (14.4.2-1) experimental; urgency=medium
[ Jaromír Mikeš ]
* New upstream version 14.4.2 (Closes: #800344)
* Set compat/dh 10.
* Bump Standards.
* Adopt package.(Closes: #876904)
* Update Homepage to avoid redirecting.
* Update Vcs entry.
* Improve description of dev package.
* Drop unused patches.
* Delete dirs files.
* Simplify install files.
* Simplify rules file.
* Set hardening all.
* Try avoid useless linking.
* Update copyright file.
* Introduce symbols file.
* Bump soname.
* Use secure uri in watch file.
* Introduce script.
* Add patch to fix build.
* Add patch to fix spelling.
* Add patches to fix CVE's.
(Closes: #878809) (Closes: #878810) (Closes: #870328)
* Add gbp.conf.
* Add override_dh_installchangelogs.
* Remove old configure option.
* override_dh_makeshlibs is not needed any more.
* Add 0010-wavpack_check_errors.patch. (Closes: #881145)
* Add bug-presubj file.
* Add man page fixing patch.
* Add xa-validate-channel-count patch. (Closes: #881121)
[ Sebastian Ramacher ]
* Remove shlibs file, symbols file already present
2014-12-24 - Pascal Giard <>
sox (14.4.1-5) unstable; urgency=medium
* Patches to fix memory corruptions on the heap, CVE-2014-8145
(closes: #773720):
+ 0001-Check-for-minimum-size-sphere-headers.patch
+ 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
2014-05-21 - Pascal Giard <>
sox (14.4.1-4) unstable; urgency=low
* [debian/rules,debian/control]:
- Build with dh-autoreconf instead of autotools-dev to fix FTBFS on new
architectures. Thanks to William Grant <> and Breno
Leitao <> (Closes: #746517).
* [debian/control]:
- Remove useless build-dep on libav* (Closes: #748049).
2013-04-15 - Pascal Giard <>
sox (14.4.1-3) unstable; urgency=low
* [debian/rules]:
- Added an explicit call to dh_installchangelogs as Ubuntu no longer does
does it by default. It's important for us as it contains the list of
past contributors.
* [debian/docs]:
- Fixed paths to files.

See Also

Package Description
libsox-fmt-oss_14.4.2-3ubuntu0.18.04.1_amd64.deb SoX OSS format I/O library
libsox-fmt-pulse_14.4.2-3ubuntu0.18.04.1_amd64.deb SoX PulseAudio format I/O library
libsox3_14.4.2-3ubuntu0.18.04.1_amd64.deb SoX library of audio effects and processing
libspring-aop-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - AOP
libspring-beans-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Beans
libspring-context-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Context
libspring-context-support-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Context Support
libspring-core-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Core
libspring-expression-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Expression language
libspring-instrument-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Instrumentation
libspring-jdbc-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - JDBC tools
libspring-jms-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - JMS tools
libspring-messaging-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Messaging tools
libspring-orm-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - ORM tools
libspring-oxm-java_4.3.22-1~18.04_all.deb modular Java/J2EE application framework - Object/XML Mapping