[Tts-project] Bug#745808: speech-dispatcher: CVE-2014-1724

Moritz Mühlenhoff jmm at inutil.org
Thu Dec 4 15:52:43 UTC 2014

On Fri, May 16, 2014 at 11:17:32AM +1000, Luke Yelavich wrote:
> On Fri, Apr 25, 2014 at 10:06:04PM EST, Moritz Muehlenhoff wrote:
> > Hi,
> > the details are a bit scarce, can you contact upstream whether the Chrome
> > developers have contacted them?
> > 
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1724
> > 
> > It's unclear whether this is a security issue in itself or only as part
> > of the integration in Chrome.
> There is no bug in the upstream bug tracker for this, and there has been no contact on the speech-dispatcher mailing list. Brailcom or Hynek Hanke may have been contacted privately however.

this was fixed upstream as per
https://its.freebsoft.org/its/issues/29863, can you cherrypick
413ff41fcad0053fd59cca40db69ca699e903c43 and
ef9a3f1570fb9970aea08bd09547af8ee3c7bc94 for jessie?


More information about the Tts-project mailing list