-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : e2fsprogs Version : 1.42.12-2+deb8u1 CVE ID : CVE-2019-5094
Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code. For Debian 8 "Jessie", this problem has been fixed in version 1.42.12-2+deb8u1. We recommend that you upgrade your e2fsprogs packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl2PK7JfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEdjoRAAjZzx8443gvB4G3K1C0vxSNiSBUqNTInW8Qa/kuRzB7H/YzKQOSgTO3Km vYlyu4DH8q2cht8LJLjbsoeOH02RMKum2/Ju1HO20EUl7dXQHnSwdjq29gTNfFxN ienzYanm3+1Fy9JKBet9HxUqZs1xR2hucSR+U8qmpvVxGdloK0V52qh0IPmW2to8 Vi/xTe4lctHneVfWsPgnx8o10INmczub+JLGjxLT0dpUr271lP7Xs4sAyKgbkukX 3+hVsdoGrqA15+hK+OJZ5N6B3fXo4b3tG5b+Z7NnW9JFyfEGrfz6e+/KsBFORFeY UzOWdbmKgJhGN1ezNg5xYy4k3s4FJdrX9VBldfWCDBwVpK074h/1Fo6gcm1NlmCR lSk62YMMAzxiaD0YbfuRftBeHCmdXyDxduo0+SfKKIahpJu+Q+YPQNzu2Y+EKV3H IGGuaCW8S5ZDkjIPJZwN7XLUVLMsMV8pteXwRbXjPzblsQS2yZkb/I6YogHkw5XJ 1KivIPci8DBZRTLt4ti3BdJ8Got2CgtsGatV5z9FHUTr4xFdoyRFWJbc9wL3k5IF aNL0gRzwkpy8xZHXq0EfgWydlZ9h/Rx3MQSFYz0VrdPX5LkhP84hmUhbjEavOiQ1 oCZ/Y9b8H9/DDCQ2FiVGn1ISKCBdpOlannLVBK9p6CZEISlONUo= =wu9B -----END PGP SIGNATURE-----
