- Package name
- Advisory ID
- Affected versions
- MBS1 x86_64
Multiple vulnerabilities has been discovered and corrected in flite:
The play_wave_from_socket function in audio/auserver.c in Flite 1.4
allows local users to modify arbitrary files via a symlink attack
on /tmp/awb.wav. NOTE: some of these details are obtained from third
party information (CVE-2014-0027).
The updated packages have been patched to correct this issue.
9ff31a7d8198f78a479e6b61df16e65a mbs1/x86_64/flite-1.3-2.1.mbs1.x86_64.rpm 27f5093dfbae9b8632064a117229a5ff mbs1/x86_64/lib64flite-devel-1.3-2.1.mbs1.x86_64.rpm 1a7c3036c885f25f810cd61a8fef93b8 mbs1/SRPMS/flite-1.3-2.1.mbs1.src.rpm