| Package | espeak-ng |
|---|---|
| Version | 1.49.0+dfsg-11+deb9u1 (stretch), 1.49.2+dfsg-8+deb10u2 (buster) |
| Related CVEs | CVE-2023-49990 CVE-2023-49991 CVE-2023-49992 CVE-2023-49993 CVE-2023-49994 |
Several issues have been found in espeak-ng, a Multi-lingual software speech synthesizer. The issues are related to buffer overflow or underflow in several functions and a floating point exception.
For Debian 10 buster, these problems have been fixed in version 1.49.2+dfsg-8+deb10u2.
For Debian 9 stretch, these problems have been fixed in version 1.49.0+dfsg-11+deb9u1.
We recommend that you upgrade your espeak-ng packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.