Errata overview
Errata ID 593
Date 2019-10-02
Source package e2fsprogs
Fixed in version 1.43.4-2+deb9u1A~
This update addresses the following issue:
* An exploitable code execution vulnerability exists in the quota file
  functionality of E2fsprogs. A specially crafted ext4 partition can cause an
  out-of-bounds write on the heap, resulting in code execution. An attacker
  can corrupt a partition to trigger this vulnerability. (CVE-2019-5094)
Additional notes
CVE ID CVE-2019-5094
UCS Bug number #50299