[Secure-testing-team] Bug#840556: guile-2.0: CVE-2016-8605
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 12 18:33:49 UTC 2016
Source: guile-2.0
Version: 2.0.11+1-9
Severity: important
Tags: security upstream patch
Forwarded: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=24659
Hi,
the following vulnerability was published for guile-2.0.
CVE-2016-8605[0]:
Thread-unsafe umask modification
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-8605
[1] http://debbugs.gnu.org/cgi/bugreport.cgi?bug=24659
[2] http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=245608911698adb3472803856019bdd5670b6614
[3] http://seclists.org/oss-sec/2016/q4/92
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list