Hello community, here is the log from the commit of package guile1 for openSUSE:Factory checked in at 2016-10-19 13:13:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/guile1 (Old) and /work/SRC/openSUSE:Factory/.guile1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "guile1" Changes: --------
--- /work/SRC/openSUSE:Factory/guile1/guile1.changes 2015-03-16 09:38:43.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.guile1.new/guile1.changes 2016-10-19 13:14:23.000000000 +0200
@@ -1,0 +2,7 @@
+Mon Oct 17 13:36:19 UTC 2016 - pgaj...@suse.com
+
+- security update
+ * CVE-2016-8605 [bsc#1004221]
+ + guile1-CVE-2016-8605.patch
+
+-------------------------------------------------------------------
New: ---- guile1-CVE-2016-8605.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------
++++++ guile1.spec ++++++
--- /var/tmp/diff_new_pack.63xphw/_old 2016-10-19 13:14:24.000000000 +0200
+++ /var/tmp/diff_new_pack.63xphw/_new 2016-10-19 13:14:24.000000000 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package guile1
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,6 +35,7 @@
 Patch7: guile-socket-test.patch
 # fix failures with texinfo 5.2
 Patch8: guile-texinfo.patch
+Patch9: guile1-CVE-2016-8605.patch
 BuildRequires: automake
 BuildRequires: gc-devel
 BuildRequires: gmp-devel
@@ -157,6 +158,7 @@
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 # guile-1.8.1: The code is not so good for -Werror (unused results of write()).
 sed -i s/-Werror// configure.in configure
 
++++++ guile1-CVE-2016-8605.patch ++++++
--- a/libguile/filesys.c
+++ b/libguile/filesys.c
@@ -1255,26 +1255,21 @@ SCM_DEFINE (scm_getcwd, "getcwd", 0, 0, 0,
 SCM_DEFINE (scm_mkdir, "mkdir", 1, 1, 0,
 (SCM path, SCM mode),
 "Create a new directory named by @var{path}. If @var{mode} is omitted\n"
- "then the permissions of the directory file are set using the current\n"
- "umask. Otherwise they are set to the decimal value specified with\n"
- "@var{mode}. The return value is unspecified.")
+ "then the permissions of the directory are set to @code{#o777}\n"
+ "masked with the current umask (@pxref{Processes, @code{umask}}).\n"
+ "Otherwise they are set to the value specified with @var{mode}.\n"
+ "The return value is unspecified.")
 #define FUNC_NAME s_scm_mkdir
 {
 int rv;
- mode_t mask;
+ mode_t c_mode;
 
- if (SCM_UNBNDP (mode))
- {
- mask = umask (0);
- umask (mask);
- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, 0777 ^ mask));
- }
- else
- {
- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, scm_to_uint (mode)));
- }
+ c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);
+
+ STRING_SYSCALL (path, c_path, rv = mkdir (c_path, c_mode));
 if (rv != 0)
 SCM_SYSERROR;
+
 return SCM_UNSPECIFIED;
 }
 #undef FUNC_NAME
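Review bot: The new `c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);` line has no comment saying why the umask is no longer read in user space, so a later cleanup could bring back the removed `umask (0)` / `umask (mask)` pair. That pair briefly clears a process-wide setting, which any other thread creating a file in that window would pick up. I would add above the assignment `/* Pass 0777 and let mkdir(2) apply the umask; never toggle umask here, it is process-wide (CVE-2016-8605). */`. The docstring line `"Otherwise they are set to the value specified with @var{mode}.\n"` also reads as if an explicit mode bypasses the umask, while mkdir(2) masks that value as well; wording such as `"Otherwise they are set to @var{mode}, likewise masked with the umask.\n"` would match what the call does.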