CVE-2016-8605 log
| Source |
|
| Severity | Low |
| Remote | No |
| Type | Information disclosure |
| Description | The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-47 | guile | 2.0.12-1 | 2.0.13-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 16 Oct 2016 | ASA-201610-10 | AVG-47 | guile | High | multiple issues |
| References |
|---|
https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00009.html |