Several vulnerabilities were discovered in GNU Guile, an
implementation of the Scheme programming language. The Common
Vulnerabilities and Exposures project identifies the following issues.
It was reported that the REPL server is vulnerable to the HTTP
inter-protocol attack.
This constitutes a remote code execution vulnerability for
developers running a REPL server that listens on a loopback device
or private network. Applications that do not run a REPL server, as
is usually the case, are unaffected.
For Debian 7 Wheezy, these problems have been fixed in version
2.0.5+1-3+deb7u1.
We recommend that you upgrade your guile-2.0 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>