Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2022-01-31 22:57:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.1898 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "afl" Mon Jan 31 22:57:23 2022 rev:67 rq:950197 version:4.00c Changes: -------- --- /work/SRC/openSUSE:Factory/afl/afl.changes 2021-09-26 21:49:36.546844123 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.1898/afl.changes 2022-01-31 22:58:14.557209624 +0100 @@ -1,0 +2,77 @@ +Mon Jan 31 12:45:45 UTC 2022 - Marcus Meissner <meiss...@suse.com> + +- updated to 4.00c + + - complete documentation restructuring, made possible by Google Season + of Docs :) thank you Jana! + - we renamed several UI and fuzzer_stat entries to be more precise, + e.g. "unique crashes" -> "saved crashes", "total paths" -> + "corpus count", "current path" -> "current item". + This might need changing custom scripting! + - Nyx mode (full system emulation with snapshot capability) has been + added - thanks to @schumilo and @eqv! + - unicorn_mode: + - Moved to unicorn2! by Ziqiao Kong (@lazymio) + - Faster, more accurate emulation (newer QEMU base), risc-v support + - removed indirections in rust callbacks + - new binary-only fuzzing mode: coresight_mode for aarch64 CPUs :) + thanks to RICSecLab submitting! + - if instrumented libaries are dlopen()'ed after the forkserver you + will now see a crash. Before you would have colliding coverage. + We changed this to force fixing a broken setup rather then allowing + ineffective fuzzing. + - See docs/best_practices.md how to fix such setups. + - afl-fuzz: + - cmplog binaries will need to be recompiled for this version + (it is better!) + - fix a regression introduced in 3.10 that resulted in less + coverage being detected. thanks to Collin May for reporting! + - ensure all spawned targets are killed on exit + - added AFL_IGNORE_PROBLEMS, plus checks to identify and abort on + incorrect LTO usage setups and enhanced the READMEs for better + information on how to deal with instrumenting libraries + - fix -n dumb mode (nobody should use this mode though) + - fix stability issue with LTO and cmplog + - better banner + - more effective cmplog mode + - more often update the UI when in input2stage mode + - qemu_mode/unicorn_mode: fixed OOB write when using libcompcov, + thanks to kotee4ko for reporting! + - frida_mode: + - better performance, bug fixes + - David Carlier added Android support :) + - afl-showmap, afl-tmin and afl-analyze: + - honor persistent mode for more speed. thanks to dloffre-snl + for reporting! + - fix bug where targets are not killed on timeouts + - moved hidden afl-showmap -A option to -H to be used for + coresight_mode + - Prevent accidentaly killing non-afl/fuzz services when aborting + afl-showmap and other tools. + - afl-cc: + - detect overflow reads on initial input buffer for asan + - new cmplog mode (incompatible with older afl++ versions) + - support llvm IR select instrumentation for default PCGUARD and LTO + - fix for shared linking on MacOS + - better selective instrumentation AFL_LLVM_{ALLOW|DENY}LIST + on filename matching (requires llvm 11 or newer) + - fixed a potential crash in targets for LAF string handling + - fixed a bad assert in LAF split switches + - added AFL_USE_TSAN thread sanitizer support + - llvm and LTO mode modified to work with new llvm 14-dev (again.) + - fix for AFL_REAL_LD + - more -z defs filtering + - make -v without options work + - added the very good grammar mutator "GramaTron" to the + custom_mutators + - added optimin, a faster and better corpus minimizer by + Adrian Herrera. Thank you! + - added afl-persistent-config script to set perform permanent system + configuration settings for fuzzing, for Linux and Macos. + thanks to jhertz! + - added xml, curl & exotic string functions to llvm dictionary feature + - fix AFL_PRELOAD issues on MacOS + - removed utils/afl_frida because frida_mode/ is now so much better + - added uninstall target to makefile (todo: update new readme!) + +------------------------------------------------------------------- Old: ---- 3.14c.tar.gz New: ---- 4.00c.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ afl.spec ++++++ --- /var/tmp/diff_new_pack.gHkX1m/_old 2022-01-31 22:58:15.089206042 +0100 +++ /var/tmp/diff_new_pack.gHkX1m/_new 2022-01-31 22:58:15.097205989 +0100 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,11 +17,12 @@ Name: afl -Version: 3.14c +Version: 4.00c Release: 0 Summary: American fuzzy lop is a security-oriented fuzzer +#URL: https://lcamtuf.coredump.cx/afl/ License: Apache-2.0 -URL: http://lcamtuf.coredump.cx/afl/ +URL: https://github.com/AFLplusplus/AFLplusplus Source: https://github.com/AFLplusplus/AFLplusplus/archive/%{version}.tar.gz Source1: afl-rpmlintrc Patch1: afl-3.0c-fix-paths.patch ++++++ 3.14c.tar.gz -> 4.00c.tar.gz ++++++ ++++ 70876 lines of diff (skipped)