CVE-2016-8605 - log back

CVE-2016-8605 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Information disclosure
Description
+ The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777.
References
+ https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00009.html
Notes