commit afl for openSUSE:Factory

Mon, 31 Jan 2022 13:58:30 -0800 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package afl for openSUSE:Factory checked in 
at 2022-01-31 22:57:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/afl (Old)
 and      /work/SRC/openSUSE:Factory/.afl.new.1898 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "afl"

Mon Jan 31 22:57:23 2022 rev:67 rq:950197 version:4.00c

Changes:
--------
--- /work/SRC/openSUSE:Factory/afl/afl.changes  2021-09-26 21:49:36.546844123 
+0200
+++ /work/SRC/openSUSE:Factory/.afl.new.1898/afl.changes        2022-01-31 
22:58:14.557209624 +0100
@@ -1,0 +2,77 @@
+Mon Jan 31 12:45:45 UTC 2022 - Marcus Meissner <meiss...@suse.com>
+
+- updated to 4.00c
+
+  - complete documentation restructuring, made possible by Google Season
+    of Docs :) thank you Jana!
+  - we renamed several UI and fuzzer_stat entries to be more precise,
+    e.g. "unique crashes" -> "saved crashes", "total paths" ->
+    "corpus count", "current path" -> "current item".
+    This might need changing custom scripting!
+  - Nyx mode (full system emulation with snapshot capability) has been
+    added - thanks to @schumilo and @eqv!
+  - unicorn_mode:
+    -   Moved to unicorn2! by Ziqiao Kong (@lazymio)
+    -   Faster, more accurate emulation (newer QEMU base), risc-v support
+    -   removed indirections in rust callbacks
+  - new binary-only fuzzing mode: coresight_mode for aarch64 CPUs :)
+    thanks to RICSecLab submitting!
+  - if instrumented libaries are dlopen()'ed after the forkserver you
+    will now see a crash. Before you would have colliding coverage.
+    We changed this to force fixing a broken setup rather then allowing
+    ineffective fuzzing.
+  - See docs/best_practices.md how to fix such setups.
+  - afl-fuzz:
+    -   cmplog binaries will need to be recompiled for this version
+        (it is better!)
+    -   fix a regression introduced in 3.10 that resulted in less
+        coverage being detected. thanks to Collin May for reporting!
+    -   ensure all spawned targets are killed on exit
+    -   added AFL_IGNORE_PROBLEMS, plus checks to identify and abort on
+        incorrect LTO usage setups and enhanced the READMEs for better
+        information on how to deal with instrumenting libraries
+    -   fix -n dumb mode (nobody should use this mode though)
+    -   fix stability issue with LTO and cmplog
+    -   better banner
+    -   more effective cmplog mode
+    -   more often update the UI when in input2stage mode
+  - qemu_mode/unicorn_mode: fixed OOB write when using libcompcov,
+    thanks to kotee4ko for reporting!
+  - frida_mode:
+    -   better performance, bug fixes
+    -   David Carlier added Android support :)
+  - afl-showmap, afl-tmin and afl-analyze:
+    -   honor persistent mode for more speed. thanks to dloffre-snl
+        for reporting!
+    -   fix bug where targets are not killed on timeouts
+    -   moved hidden afl-showmap -A option to -H to be used for
+        coresight_mode
+  - Prevent accidentaly killing non-afl/fuzz services when aborting
+    afl-showmap and other tools.
+  - afl-cc:
+    -   detect overflow reads on initial input buffer for asan
+    -   new cmplog mode (incompatible with older afl++ versions)
+    -   support llvm IR select instrumentation for default PCGUARD and LTO
+    -   fix for shared linking on MacOS
+    -   better selective instrumentation AFL_LLVM_{ALLOW|DENY}LIST
+        on filename matching (requires llvm 11 or newer)
+    -   fixed a potential crash in targets for LAF string handling
+    -   fixed a bad assert in LAF split switches
+    -   added AFL_USE_TSAN thread sanitizer support
+    -   llvm and LTO mode modified to work with new llvm 14-dev (again.)
+    -   fix for AFL_REAL_LD
+    -   more -z defs filtering
+    -   make -v without options work
+  - added the very good grammar mutator "GramaTron" to the
+    custom_mutators
+  - added optimin, a faster and better corpus minimizer by
+    Adrian Herrera. Thank you!
+  - added afl-persistent-config script to set perform permanent system
+    configuration settings for fuzzing, for Linux and Macos.
+    thanks to jhertz!
+  - added xml, curl & exotic string functions to llvm dictionary feature
+  - fix AFL_PRELOAD issues on MacOS
+  - removed utils/afl_frida because frida_mode/ is now so much better
+  - added uninstall target to makefile (todo: update new readme!)
+
+-------------------------------------------------------------------

Old:
----
  3.14c.tar.gz

New:
----
  4.00c.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ afl.spec ++++++
--- /var/tmp/diff_new_pack.gHkX1m/_old  2022-01-31 22:58:15.089206042 +0100
+++ /var/tmp/diff_new_pack.gHkX1m/_new  2022-01-31 22:58:15.097205989 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package afl
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,11 +17,12 @@
 
 
 Name:           afl
-Version:        3.14c
+Version:        4.00c
 Release:        0
 Summary:        American fuzzy lop is a security-oriented fuzzer
+#URL:            https://lcamtuf.coredump.cx/afl/
 License:        Apache-2.0
-URL:            http://lcamtuf.coredump.cx/afl/
+URL:            https://github.com/AFLplusplus/AFLplusplus
 Source:         
https://github.com/AFLplusplus/AFLplusplus/archive/%{version}.tar.gz
 Source1:        afl-rpmlintrc
 Patch1:         afl-3.0c-fix-paths.patch

++++++ 3.14c.tar.gz -> 4.00c.tar.gz ++++++
++++ 70876 lines of diff (skipped)

Reply via email to