VYPR

rpm package

suse/guile1&distro=SUSE Linux Enterprise Software Development Kit 12 SP4

pkg:rpm/suse/guile1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4

Vulnerabilities (1)

  • CVE-2016-8605MedJan 12, 2017
    affected < 1.8.8-16.4.39fixed 1.8.8-16.4.39

    The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create direct