AVG-47

Package guile
Status Fixed
Severity High
Type multiple issues
Affected 2.0.12-1
Fixed 2.0.13-1
Current 2.2.3-1 [extra]
Ticket None
Created Sun Oct 16 11:42:02 2016
Issue Severity Remote Type Description
CVE-2016-8606 High Yes Arbitrary code execution
It was  reported that the REPL server is vulnerable to the HTTP inter- protocol attack. This constitutes a remote code execution vulnerability for...
CVE-2016-8605 Low No Information disclosure
The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process' umask to zero. During that time...
Date Advisory Package Description
16 Oct 2016 ASA-201610-10 guile multiple issues
References
http://www.openwall.com/lists/oss-security/2016/10/11/1
http://www.openwall.com/lists/oss-security/2016/10/12/2