CVE-2016-8605 log
Source |
|
Severity | Low |
Remote | No |
Type | Information disclosure |
Description | The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-47 | guile | 2.0.12-1 | 2.0.13-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
16 Oct 2016 | ASA-201610-10 | AVG-47 | guile | High | multiple issues |
References |
---|
https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00009.html |