A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code.
More info:
https://www.debian.org/security/2019/dsa-4536
Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.
More info:
https://www.debian.org/security/2019/dsa-4535
It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging a specific file or map to a location to extract to.
More info:
https://www.debian.org/security/2019/dsa-4537