Updated espeak-ng packages fix security vulnerabilities
Publication date: 02 Jul 2024Modification date: 02 Jul 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-49990 , CVE-2023-49991 , CVE-2023-49992 , CVE-2023-49993 , CVE-2023-49994
Description
It was discovered that eSpeak NG did not properly manage memory under
certain circumstances. An attacker could possibly use this issue to cause a
denial of service, or execute arbitrary code.
References
- https://bugs.mageia.org/show_bug.cgi?id=33348
- https://ubuntu.com/security/notices/USN-6858-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49990
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49991
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49992
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49993
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49994
SRPMS
9/core
- espeak-ng-1.51.1-1.1.mga9