On 12.01.26 03:59, Martin Guy wrote:
fixes all 20 or so CVEs, some of which could lead to code injection using crafted malformed compressed format files (whic is why I mark it as "important").
Can you please be a bit more verbose about what you mean with this? According to [1] there are no open CVEs in the Debian package. Thorsten [1] https://security-tracker.debian.org/tracker/source-package/sox
