CVE-2016-8605: Thread-unsafe umask modification. The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process" umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Fixed In Version: guile 2.0.13 CVE-2016-8606: REPL server vulnerable to HTTP inter-protocol attacks. The REPL server is vulnerable to the HTTP inter-protocol attack This constitutes a remote code execution vulnerability for developers running a REPL server that listens on a loopback device or private network. Applications that do not run a REPL server, as is usually the case, are unaffected. Fixed In Version: guile 2.0.13.