Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Fedora 25: 2016-10-16 Moderate: Guile HTTP and Umask Threats

fedora
Calendar Grey October 16, 2016
Dist Fedora Esm H88
Resolves significant problems in guile for Fedora 25, tackling thread safety and HTTP security risks in the newest release.
Update to the latest stable release, which fixes CVE-2016-8605 and CVE-2016-8606.

Summary

GUILE (GNU's Ubiquitous Intelligent Language for Extension) is a library

implementation of the Scheme programming language, written in C. GUILE

provides a machine-independent execution platform that can be linked in

as a library during the building of extensible programs.

Install the guile package if you'd like to add extensibility to programs

that you are developing.

Update Information:

Update to the latest stable release, which fixes CVE-2016-8605 and CVE-2016-8606.

Change Log

References


[ 1 ] Bug #1383966 - CVE-2016-8605 guile: Thread-unsafe umask modification https://bugzilla.redhat.com/show_bug.cgi?id=1383966 [ 2 ] Bug #1383972 - CVE-2016-8606 guile: REPL server vulnerable to HTTP inter-protocol attacks https://bugzilla.redhat.com/show_bug.cgi?id=1383972

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update guile' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: guile
Product: Fedora 25
Version: 2.0.13
Release: 1.fc25
Summary: A GNU implementation of Scheme for application extensibility

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.