Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:1659-1

Опубликовано: 18 июн. 2020
Источник: suse-cvrf

Описание

Security update for guile

This update for guile fixes the following issues:

  • CVE-2016-8605: Fixed thread-unsafe umask modification (bsc#1004221).

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP4
guile1-1.8.8-16.4.39
libguile-srfi-srfi-1-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-13-14-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-4-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-60-v-2-2-1.8.8-16.4.39
libguile1-devel-1.8.8-16.4.39
libguile17-1.8.8-16.4.39
libguilereadline-v-17-17-1.8.8-16.4.39
SUSE Linux Enterprise Software Development Kit 12 SP5
guile1-1.8.8-16.4.39
libguile-srfi-srfi-1-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-13-14-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-4-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-60-v-2-2-1.8.8-16.4.39
libguile1-devel-1.8.8-16.4.39
libguile17-1.8.8-16.4.39
libguilereadline-v-17-17-1.8.8-16.4.39
SUSE Linux Enterprise Workstation Extension 12 SP4
guile1-1.8.8-16.4.39
libguile-srfi-srfi-1-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-13-14-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-4-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-60-v-2-2-1.8.8-16.4.39
libguile17-1.8.8-16.4.39
libguilereadline-v-17-17-1.8.8-16.4.39
SUSE Linux Enterprise Workstation Extension 12 SP5
guile1-1.8.8-16.4.39
libguile-srfi-srfi-1-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-13-14-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-4-v-3-3-1.8.8-16.4.39
libguile-srfi-srfi-60-v-2-2-1.8.8-16.4.39
libguile17-1.8.8-16.4.39
libguilereadline-v-17-17-1.8.8-16.4.39

Ссылки

Описание

The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP4:guile1-1.8.8-16.4.39
SUSE Linux Enterprise Software Development Kit 12 SP4:libguile-srfi-srfi-1-v-3-3-1.8.8-16.4.39
SUSE Linux Enterprise Software Development Kit 12 SP4:libguile-srfi-srfi-13-14-v-3-3-1.8.8-16.4.39
SUSE Linux Enterprise Software Development Kit 12 SP4:libguile-srfi-srfi-4-v-3-3-1.8.8-16.4.39
Ссылки
Уязвимость SUSE-SU-2020:1659-1