aspell: stack-based buffer over-read (CVE-2019-17544)

libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.

References:

• https://nvd.nist.gov/vuln/detail/CVE-2019-17544
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17544

Patch:

https://github.com/GNUAspell/aspell/commit/80fa26c74279fced8d778351cff19d1d8f44fe4e

Affected branches:

• master (225e389a)
• 3.10-stable
• 3.9-stable
• 3.8-stable
• 3.7-stable