Download
| Alert*
CVE-2016-8605
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This ... CVE-2016-8606 The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. |