On Mon, 2017-11-13 at 14:25 +0000, Richard W.M. Jones wrote:
> (Thanks to Patrick for bringing this issue to my attention.)
>
> American Fuzzy Lop ("afl", Fedora package american-fuzzy-lop) is an
> instrumentation-driven fuzzer for binary formats. ClamAV is a
> (Windows?) virus scanner.
>
> Afl's documentation comes with some demonstration vulnerabilities found
> by afl. These are shipped in the source tarball and SRPM and also
> installed as a %doc section in the binary
> (/usr/share/doc/american-fuzzy-lop/vuln_samples/).
>
> Unfortunately some of these samples trigger ClamAV
> "Win.Exploit.CVE_2015_0076-1 FOUND".
>
> In this particular case it appears to be one or more of these files:
>
> jxrlib-crash2.jxr
> jxrlib-crash3.jxr
> jxrlib-crash4.jxr
> jxrlib-crash.jxr
> msie-jxr-mem-leak.jxr
>
> which contain a badly formatted JPEG XR file that triggered a mild CVE
> in Windows:
>
> https://technet.microsoft.com/en-us/library/security/ms15-029.aspx
>
> (so this is not a false positive or over-active virus scanner).
>
> I'm inclined to ignore this and point people to this posting if there
> are any bugs filed. But maybe there is some Fedora policy which
> applies here?
I'm the clamav packager maintainer; is anything related to these 2
CVE(s) [1]?
I was waiting for a new stable release.
Thanks,
[1]
https://bugzilla.redhat.com/show_bug.cgi?id=1483911
https://bugzilla.redhat.com/show_bug.cgi?id=1472778
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
> Read my programming and virtualization blog: http://rwmj.wordpress.com
> virt-df lists disk usage of guests without needing to install any
> software inside the virtual machine. Supports Linux and Windows.
> http://people.redhat.com/~rjones/virt-df/
> _______________________________________________
> devel mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
--
Sérgio M. B.