Bug#1059656: bookworm-pu: package espeak-ng/1.51+dfsg-10+deb12u1
Control: tag -1 d-i moreinfo
On Fri, Dec 29, 2023 at 09:54:57PM +0100, Samuel Thibault wrote:
> [ Reason ]
> This upload provides fixes for CVEs. They are not a regression over
> oldstable.
>
> [ Impact ]
> Blind users using the espeak-ng speech synthesis might be at risk when
> e.g. reading a webpage that contains the CVE triggers.
>
> [ Tests ]
> CVE tests are getting added in the patch.
>
> [ Risks ]
> The code is relatively simple, comes from upstream, and has been in
> testing since December 24th.
Sorry, I hadn't spotted the udeb. d-i ack required.
Thanks,
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Reply to: