openSUSE 15 Security Update : guile1, lilypond (openSUSE-SU-2023:0137-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0137-1 advisory. - The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other...

PT-2023-11479

Name of the Vulnerable Software and Affected Versions LilyPond versions prior to 2.24 Description The issue allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code...