File _patchinfo of Package patchinfo.34879

<patchinfo incident="34879">
  <issue tracker="cve" id="2023-49991"/>
  <issue tracker="cve" id="2023-49992"/>
  <issue tracker="cve" id="2023-49993"/>
  <issue tracker="cve" id="2023-49990"/>
  <issue tracker="cve" id="2023-49994"/>
  <issue tracker="bnc" id="1218009">VUL-0: CVE-2023-49994: espeak-ng: floating point exception in PeaksToHarmspect at wavegen.c</issue>
  <issue tracker="bnc" id="1218007">VUL-0: CVE-2023-49992: espeak-ng: stack-buffer-overflow exists in the function RemoveEnding in dictionary.c</issue>
  <issue tracker="bnc" id="1218006">VUL-0: CVE-2023-49991: espeak-ng: stack-buffer-underflow exists in the function CountVowelPosition in synthdata.c</issue>
  <issue tracker="bnc" id="1218008">VUL-0: CVE-2023-49993: espeak-ng: buffer overflow in ReadClause function at readclause.c</issue>
  <issue tracker="bnc" id="1218010">VUL-0: CVE-2023-49990: espeak-ng: buffer overflow in SetUpPhonemeTable function at synthdata.c</issue>
  <packager>qzhao</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for espeak-ng</summary>
  <description>This update for espeak-ng fixes the following issues:

- CVE-2023-49990: Fixed buffer overflow in SetUpPhonemeTable function at synthdata.c (bsc#1218010)
- CVE-2023-49991: Fixed stack-buffer-underflow exists in the function CountVowelPosition in synthdata.c (bsc#1218006)
- CVE-2023-49992: Fixed stack-buffer-overflow exists in the function RemoveEnding in dictionary.c (bsc#1218007)
- CVE-2023-49993: Fixed buffer overflow in ReadClause function at readclause.c (bsc#1218008)
- CVE-2023-49994: Fixed floating point exception in PeaksToHarmspect at wavegen.c (bsc#1218009)
</description>
</patchinfo>