Описание
Security update for espeak-ng
This update for espeak-ng fixes the following issues:
- CVE-2023-49990: Fixed buffer overflow in SetUpPhonemeTable function at synthdata.c (bsc#1218010)
- CVE-2023-49991: Fixed stack-buffer-underflow exists in the function CountVowelPosition in synthdata.c (bsc#1218006)
- CVE-2023-49992: Fixed stack-buffer-overflow exists in the function RemoveEnding in dictionary.c (bsc#1218007)
- CVE-2023-49993: Fixed buffer overflow in ReadClause function at readclause.c (bsc#1218008)
- CVE-2023-49994: Fixed floating point exception in PeaksToHarmspect at wavegen.c (bsc#1218009)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
espeak-ng-1.50-150300.3.3.1
espeak-ng-compat-1.50-150300.3.3.1
espeak-ng-compat-devel-1.50-150300.3.3.1
espeak-ng-devel-1.50-150300.3.3.1
libespeak-ng1-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
espeak-ng-1.50-150300.3.3.1
espeak-ng-compat-1.50-150300.3.3.1
espeak-ng-compat-devel-1.50-150300.3.3.1
espeak-ng-devel-1.50-150300.3.3.1
libespeak-ng1-1.50-150300.3.3.1
openSUSE Leap 15.5
espeak-ng-1.50-150300.3.3.1
espeak-ng-compat-1.50-150300.3.3.1
espeak-ng-compat-devel-1.50-150300.3.3.1
espeak-ng-devel-1.50-150300.3.3.1
libespeak-ng1-1.50-150300.3.3.1
openSUSE Leap 15.6
espeak-ng-1.50-150300.3.3.1
espeak-ng-compat-1.50-150300.3.3.1
espeak-ng-compat-devel-1.50-150300.3.3.1
espeak-ng-devel-1.50-150300.3.3.1
libespeak-ng1-1.50-150300.3.3.1
Ссылки
- Link for SUSE-SU-2024:2632-1
- E-Mail link for SUSE-SU-2024:2632-1
- SUSE Security Ratings
- SUSE Bug 1218006
- SUSE Bug 1218007
- SUSE Bug 1218008
- SUSE Bug 1218009
- SUSE Bug 1218010
- SUSE CVE CVE-2023-49990 page
- SUSE CVE CVE-2023-49991 page
- SUSE CVE CVE-2023-49992 page
- SUSE CVE CVE-2023-49993 page
- SUSE CVE CVE-2023-49994 page
Описание
Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-devel-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-devel-1.50-150300.3.3.1
Ссылки
- CVE-2023-49990
- SUSE Bug 1218010
Описание
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-devel-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-devel-1.50-150300.3.3.1
Ссылки
- CVE-2023-49991
- SUSE Bug 1218006
Описание
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-devel-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-devel-1.50-150300.3.3.1
Ссылки
- CVE-2023-49992
- SUSE Bug 1218007
Описание
Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the function ReadClause at readclause.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-devel-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-devel-1.50-150300.3.3.1
Ссылки
- CVE-2023-49993
- SUSE Bug 1218008
Описание
Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-compat-devel-1.50-150300.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:espeak-ng-devel-1.50-150300.3.3.1
Ссылки
- CVE-2023-49994
- SUSE Bug 1218009