* Henri Salo <[email protected]> [150314 12:27]: > Hi, > > I found several issues while fuzzing enzyme. I am planning to report these > issues to Github upstream project. Do you want to get notified about created > issues and do you want me to create Debian BTS items about these cases also? > > Most of these are probably not security related as it is userland cli tool > crash > and not e.g. CWE-400 <https://scapsync.com/cwe/CWE-400> type of denial of > service issue. > > Used tools: > http://lcamtuf.coredump.cx/afl/ > https://bitbucket.org/jwilk/python-afl > > In case you need more information or you want me to fuzz other Python tools > please reply, thanks! > > -- > Henri Salo
Thanks for investigating enzyme. I would indeed appreciate if you created an entry in the BTS for this issue, that would be easier to track for me (and possibly the security team depending on your findings). I'm personally very interested in this fuzzing tool so I'm quite curious if you have some information about your workflow with it, like how you used it to find these particular bugs. I maintain at least two other python tools that you may be interested in: - feedparser, a parser for RSS and Atom feeds. - guessit, a parser that extract metadata from filenames only. In particular feedparser has high popcon and downloads from the network so I'm very interested in your findings. Thanks! -- Etienne Millon
signature.asc
Description: Digital signature
_______________________________________________ Python-modules-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
