Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4535-1] e2fsprogs security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4535-1] e2fsprogs security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4535-1] e2fsprogs security update
  • Date: Fri, 27 Sep 2019 21:37:45 +0000
  • List-archive: https://lists.debian.org/msgid-search/E1iDxvt-0004Pk-IA AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Fri, 27 Sep 2019 21:38:04 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <cKGdpBv1kBI.A.O_E.8EojdB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4535-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 27, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : e2fsprogs
CVE ID : CVE-2019-5094
Debian Bug : 941139

Lilith of Cisco Talos discovered a buffer overflow flaw in the quota
code used by e2fsck from the ext2/ext3/ext4 file system utilities.
Running e2fsck on a malformed file system can result in the execution of
arbitrary code.

For the oldstable distribution (stretch), this problem has been fixed
in version 1.43.4-2+deb9u1.

For the stable distribution (buster), this problem has been fixed in
version 1.44.5-1+deb10u2.

We recommend that you upgrade your e2fsprogs packages.

For the detailed security status of e2fsprogs please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/e2fsprogs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl2Of/xfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q6Zg/9GWawqZcu65yl5zr0+vs8RSWB5193eMW/EmzjPEqij9iuy3j+uPWiVwy3
W8e0+87IZgY9cQUsilqsXVEelyx+Kg2uvMRiQET47WGGeWAxL5Hy2ntYTfgMKZ0z
OA3h8I0Dep1ex6WbOYrhrNYYbRQhz2+LMScL2Z1oNiK2+kCnFwZ8T7c8ZYczXpHz
FIP1rtKn0z0rLhncpcsmNmLIlOCnk7htGb5Zq0wfjkqNQICTL/fUAQYPHbT8i27K
sTyZTRA72URw7iYbbjFW86Lv/ly34ss3OT0Skoz/EDTihAF3MZfIyFNeYYyTST4L
yt4XSvNEyfKriLZuiB4KGr5ImgRU7RHo92aLfo4WTsnW4DzvXqaxVl19lMBBLh4/
JUYEweJLorf6KQ+Umbke11evr4d9ayKj5tyPtWfGQ4ts5auOGzx7qkyzGHvd9816
y8duWITrc4ANguGx3wX2dtWR1AFuEGyGhsvMMYOILwkef3sfIBILLLVkFvA/1w/H
Vo8LLRGGRMMcEgezmWKKFym0k309D3ldnn9u3ES87ANQU0wGE6Z3K3QzkfscAKzS
Sq18f6oo+GoETQBuWEDTpE8gM5jX6uEBcf1I/g8cJamaHdz3rjuYQPjzwRkiz3xn
j4qFI+sENriVCx2XK/99FiRJfrhaNkgWG8eR0mKnXHKnJ0KZxiQ=
=RTeU
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4535-1] e2fsprogs security update, Salvatore Bonaccorso, 27.09.2019

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang