From 33b81c8c9faa61cf2564bd1e4936f906458e4d7ab386c4cfb147775bdcf6665f Mon Sep 17 00:00:00 2001
From: Dave Plater
Date: Mon, 17 Oct 2016 14:53:01 +0000
Subject: [PATCH] Accepting request 435751 from home:pgajdos - security update * CVE-2016-8605 [bsc#1004221] + guile-CVE-2016-8605.patch
OBS-URL: https://build.opensuse.org/request/show/435751
OBS-URL: https://build.opensuse.org/package/show/devel:languages:misc/guile1?expand=0&rev=28
---
 guile1-CVE-2016-8605.patch | 38 ++++++++++++++++++++++++++++++++++++++
 guile1.changes | 7 +++++++
 guile1.spec | 4 +++-
 3 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 guile1-CVE-2016-8605.patch
diff --git a/guile1-CVE-2016-8605.patch b/guile1-CVE-2016-8605.patch
new file mode 100644
index 0000000..a956a14
--- /dev/null
+++ b/guile1-CVE-2016-8605.patch
@@ -0,0 +1,38 @@
+--- a/libguile/filesys.c
++++ b/libguile/filesys.c
+@@ -1255,26 +1255,21 @@ SCM_DEFINE (scm_getcwd, "getcwd", 0, 0, 0,
+ SCM_DEFINE (scm_mkdir, "mkdir", 1, 1, 0,
+ (SCM path, SCM mode),
+ "Create a new directory named by @var{path}. If @var{mode} is omitted\n"
+- "then the permissions of the directory file are set using the current\n"
+- "umask. Otherwise they are set to the decimal value specified with\n"
+- "@var{mode}. The return value is unspecified.")
++ "then the permissions of the directory are set to @code{#o777}\n"
++ "masked with the current umask (@pxref{Processes, @code{umask}}).\n"
++ "Otherwise they are set to the value specified with @var{mode}.\n"
++ "The return value is unspecified.")
+ #define FUNC_NAME s_scm_mkdir
+ {
+ int rv;
+- mode_t mask;
++ mode_t c_mode;
+
+- if (SCM_UNBNDP (mode))
+- {
+- mask = umask (0);
+- umask (mask);
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, 0777 ^ mask));
+- }
+- else
+- {
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, scm_to_uint (mode)));
+- }
++ c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);
++
++ STRING_SYSCALL (path, c_path, rv = mkdir (c_path, c_mode));
+ if (rv != 0)
+ SCM_SYSERROR;
++
+ return SCM_UNSPECIFIED;
+ }
+ #undef FUNC_NAME
diff --git a/guile1.changes b/guile1.changes
index a283f23..9a9bd72 100644
--- a/guile1.changes
+++ b/guile1.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Oct 17 13:36:19 UTC 2016 - pgajdos@suse.com
+
+- security update
+ * CVE-2016-8605 [bsc#1004221]
+ + guile-CVE-2016-8605.patch
+
 -------------------------------------------------------------------
 Sat Mar 14 11:20:43 UTC 2015 - mpluskal@suse.com
diff --git a/guile1.spec b/guile1.spec
index c0685b6..2db0b8d 100644
--- a/guile1.spec
+++ b/guile1.spec
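Review bot: In the embedded libguile/filesys.c hunk, the new `c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);` line carries no comment explaining why the umask is no longer queried, so a later cleanup could restore the removed `umask (0)` / `umask (mask)` pair. That pair briefly sets the process-wide mask to zero, which is presumably the CVE-2016-8605 exposure when other threads create files in that window. I would add above the assignment: `/* Pass 0777 and let mkdir(2) apply the umask; reading it via umask (0) changes the process-wide mask and races with other threads. */`. The patch file also begins directly at `--- a/libguile/filesys.c` with no header line recording its origin, which makes the security fix harder to audit later.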
@@ -1,7 +1,7 @@
 #
 # spec file for package guile1
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,6 +35,7 @@ Patch6: guile-automake-1.13.patch
 Patch7: guile-socket-test.patch
 # fix failures with texinfo 5.2
 Patch8: guile-texinfo.patch
+Patch9: guile1-CVE-2016-8605.patch
 BuildRequires: automake
 BuildRequires: gc-devel
 BuildRequires: gmp-devel
@@ -157,6 +158,7 @@ contains the files necessary to link against the guile libraries.
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 # guile-1.8.1: The code is not so good for -Werror (unused results of write()).
 sed -i s/-Werror// configure.in configure
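Review bot: `Patch9: guile1-CVE-2016-8605.patch` in the second guile1.spec hunk has no comment, while the neighbouring Patch8 is preceded by `# fix failures with texinfo 5.2`; a line such as `# CVE-2016-8605 [bsc#1004221]` above it would tie the patch to the advisory. The guile1.changes entry in this same commit names the file `guile-CVE-2016-8605.patch`, which does not match the `guile1-` file that is added and listed here, so the changelog should be corrected to `guile1-CVE-2016-8605.patch` to keep the security update traceable.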