sox - Swiss army knife of sound processing

Property Value
Distribution Ubuntu 19.04 (Disco Dingo)
Repository Ubuntu Updates Universe i386
Package filename sox_14.4.2-3ubuntu0.19.04.1_i386.deb
Package name sox
Package version 14.4.2
Package release 3ubuntu0.19.04.1
Package architecture i386
Package type deb
Category universe/sound
License -
Maintainer Ubuntu Developers <>
Download size 100.71 KB
Installed size 190.00 KB
SoX is a command line utility that can convert various formats of computer
audio files in to other formats. It can also apply various effects to these
sound files during the conversion. As an added bonus, SoX can play and record
audio files on several unix-style platforms.
SoX is able to handle formats like Ogg Vorbis, MP3, WAV, AIFF, VOC, SND, AU,
GSM and several more.
Any format support requires at least libsox-fmt-base. Some formats have their
own package e.g. mp3 read and write support is provided by libsox-fmt-mp3.
SoX supports most common sound architectures i.e. Alsa, Libao, OSS and Pulse
(respectively provided by libsox-fmt-alsa, libsox-fmt-ao, libsox-fmt-oss and
libsox-fmt-pulse). It also supports LADSPA plugins.


Package Version Architecture Repository
sox_14.4.2-3ubuntu0.19.04.1_amd64.deb 14.4.2 amd64 Ubuntu Updates Universe
sox_14.4.2-3_i386.deb 14.4.2 i386 Ubuntu Universe
sox_14.4.2-3_amd64.deb 14.4.2 amd64 Ubuntu Universe
sox - - -


Name Value
libc6 >= 2.29
libsox-fmt-alsa = 14.4.2-3ubuntu0.19.04.1
libsox-fmt-ao = 14.4.2-3ubuntu0.19.04.1
libsox-fmt-base = 14.4.2-3ubuntu0.19.04.1
libsox-fmt-oss = 14.4.2-3ubuntu0.19.04.1
libsox-fmt-pulse = 14.4.2-3ubuntu0.19.04.1
libsox3 = 14.4.2-3ubuntu0.19.04.1


Type URL
Binary Package sox_14.4.2-3ubuntu0.19.04.1_i386.deb
Source Package sox

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install sox deb package:
    # sudo apt-get install sox


2019-08-01 - Eduardo Barretto <>
sox (14.4.2-3ubuntu0.19.04.1) disco-security; urgency=medium
* SECURITY UPDATE: Integer overflow on the result of multiplication fed into
- debian/patches/CVE-2019-8354.patch: fix possible buffer size overflow in
- CVE-2019-8354
* SECURITY UPDATE: Integer overflow on the result of multiplication fed into
lsx_valloc macro that wraps malloc.
- debian/patches/CVE-2019-8355.patch: fix possible overflow in
lsx_(re)valloc() size calculation
- CVE-2019-8355
* SECURITY UPDATE: Stack-based buffer overflow can lead to write access
outside of the statically declared array.
- debian/patches/CVE-2019-8356.patch: fft4g bail if size too large.
- CVE-2019-8356
* SECURITY UPDATE: NULL pointer deference in lsx_make_lpf.
- debian/patches/CVE-2019-8357.patch: fix possible null pointer deref in
- CVE-2019-8357
2017-12-18 - Jaromír Mikeš <>
sox (14.4.2-3) unstable; urgency=medium
* Patch 0005 refreshed. (Closes: #882599)
* Improve english in d/bug-presubj file. (Closes: #882601)
* Bump Standards.
* Use secure uri where possible.
2017-11-24 - Jaromír Mikeš <>
sox (14.4.2-2) unstable; urgency=medium
* Upload to unstable to start transition.
* Add patch to fix CVE-2017-15372. (Closes: #878808)
* Add patch to fix CVE-2017-15642. (Closes: #882144)
* Add patch to fix CVE-2017-11333 in vorbis lib. (Closes: #882236)
2017-11-19 - Jaromír Mikeš <>
sox (14.4.2-1) experimental; urgency=medium
[ Jaromír Mikeš ]
* New upstream version 14.4.2 (Closes: #800344)
* Set compat/dh 10.
* Bump Standards.
* Adopt package.(Closes: #876904)
* Update Homepage to avoid redirecting.
* Update Vcs entry.
* Improve description of dev package.
* Drop unused patches.
* Delete dirs files.
* Simplify install files.
* Simplify rules file.
* Set hardening all.
* Try avoid useless linking.
* Update copyright file.
* Introduce symbols file.
* Bump soname.
* Use secure uri in watch file.
* Introduce script.
* Add patch to fix build.
* Add patch to fix spelling.
* Add patches to fix CVE's.
(Closes: #878809) (Closes: #878810) (Closes: #870328)
* Add gbp.conf.
* Add override_dh_installchangelogs.
* Remove old configure option.
* override_dh_makeshlibs is not needed any more.
* Add 0010-wavpack_check_errors.patch. (Closes: #881145)
* Add bug-presubj file.
* Add man page fixing patch.
* Add xa-validate-channel-count patch. (Closes: #881121)
[ Sebastian Ramacher ]
* Remove shlibs file, symbols file already present
2014-12-24 - Pascal Giard <>
sox (14.4.1-5) unstable; urgency=medium
* Patches to fix memory corruptions on the heap, CVE-2014-8145
(closes: #773720):
+ 0001-Check-for-minimum-size-sphere-headers.patch
+ 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
2014-05-21 - Pascal Giard <>
sox (14.4.1-4) unstable; urgency=low
* [debian/rules,debian/control]:
- Build with dh-autoreconf instead of autotools-dev to fix FTBFS on new
architectures. Thanks to William Grant <> and Breno
Leitao <> (Closes: #746517).
* [debian/control]:
- Remove useless build-dep on libav* (Closes: #748049).
2013-04-15 - Pascal Giard <>
sox (14.4.1-3) unstable; urgency=low
* [debian/rules]:
- Added an explicit call to dh_installchangelogs as Ubuntu no longer does
does it by default. It's important for us as it contains the list of
past contributors.
* [debian/docs]:
- Fixed paths to files.

See Also

Package Description
spice-html5_0.1.7-3ubuntu0.19.04.1_all.deb Spice Web client which runs entirely within a modern browser
squid-cgi_4.4-1ubuntu2.2_i386.deb Full featured Web Proxy cache (HTTP proxy) - control CGI
squid-purge_4.4-1ubuntu2.2_i386.deb Full featured Web Proxy cache (HTTP proxy) - cache management utility
squidclient_4.4-1ubuntu2.2_i386.deb Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message utility
srptools_22.1-1ubuntu0.1_i386.deb Tools for Infiniband attached storage (SRP)
sssd-kcm_1.16.3-3ubuntu1.1_i386.deb System Security Services Daemon -- Kerberos KCM server implementation
stress-ng_0.09.57-0ubuntu3_i386.deb tool to load and stress a computer
sudo-ldap_1.8.27-1ubuntu1.1_i386.deb Provide limited super user privileges to specific users
systemd-container_240-6ubuntu5.7_i386.deb systemd container/nspawn tools
systemd-coredump_240-6ubuntu5.7_i386.deb tools for storing and retrieving coredumps
systemd-journal-remote_240-6ubuntu5.7_i386.deb tools for sending and receiving remote journal logs
systemd-tests_240-6ubuntu5.7_i386.deb tests for systemd
thunderbird-globalmenu_60.9.0+build1-0ubuntu0.19.04.1_i386.deb Email, RSS and newsgroup client (transitional package)
thunderbird-mozsymbols_60.9.0+build1-0ubuntu0.19.04.1_i386.deb Email, RSS and newsgroup client - Breakpad symbols
tkmib_5.7.3+dfsg-5ubuntu1.2_all.deb SNMP (Simple Network Management Protocol) MIB browser