Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package afl for openSUSE:Factory checked in at 2026-06-10 16:12:01

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/afl (Old)
 and      /work/SRC/openSUSE:Factory/.afl.new.2375 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "afl"

Wed Jun 10 16:12:01 2026 rev:97 rq:1358498 version:5.00c

Changes:
--------
--- /work/SRC/openSUSE:Factory/afl/afl.changes 2026-04-23 17:14:04.380035931 +0200
+++ /work/SRC/openSUSE:Factory/.afl.new.2375/afl.changes 2026-06-10 16:17:11.448485337 +0200
@@ -1,0 +2,88 @@ +Tue Jun 9 15:42:05 UTC 2026 - Marcus Meissner <[email protected]> + +- updated to 5.00c + ! AFL++ is now an AGPL 3.0 project ! + ! Files where the license could be switched were moved to AGPL 3.0+, files + that were under Apache 2.0 with contributations stay on that license. + ! Commercial license (donate to a good cause - no money for AFL++) is available + - Switched https://github.com/AFLplusplus/cov-analysis for outdated afl-cov + - MacOS most current version support for afl-fuzz, afl-cc (incl. LTO) and + frida mode! + - Refreshed FreeBSD support by jsaunders-rr, thanks! + - Linux persistent mode uses futex now which increases speed and reduces + system call overhead (opt out with AFL_FAST_CHILD_SYNC), thanks to + @martinus for most of the implementation! + - afl-fuzz: + - `-I tool` call now receives the new crash as a command line parameter + - changed to a better map classifier + - frameshift is disabled now if AFL_CUSTOM_MUTATOR_ONLY is set + - python module fixes + - minor speed, leak and zombie enhancements + - stability info was lost on fast resume - fixed + - somewhere we removed .state/variable/... now it is back :-) + - afl-cc: + - Add LLVM 23 support + - LTO and PCGUARD: new `AFL_LLVM_PATH` (also `AFL_LLVM_LTO_PATH` / + `AFL_LLVM_PATH_MODE`) Ball-Larus per-function path coverage on top + of edge coverage. Three levels: `=1` relaxed (collapse all + guard-only BBs), `=2` restricted (collapse only 2-successor + guard-only BBs), `=3` strict Ball-Larus. LTO additionally composes + with `AFL_LLVM_LTO_CALLER`. See + instrumentation/README.llvm.md and instrumentation/README.lto.md. 
+ - Fixes in the PCGUARD and LTO instrumentation that could lead to sanitizer + triggers in target binaries + - new instrumentation: `afl-llvm-bug-pass.so` provides five runtime + oracles (SCALAR, BUDGET, SIZEFILL, ALLOCSIZE, SLACK) plus a slice- + filter sub-mode for SCALAR, covering arithmetic-bound and logical- + OOB bugs that ASan misses (CVE-2023-4863 / libwebp-Huffman class). + Note: ALLOCSIZE/DERIVE are disabled automatically under + AFL_USE_ASAN to avoid double-instrumentation; see + docs/env_variables.md. + * `AFL_LLVM_BUG_SCALAR=1` - max-value-per-arithmetic-site coverage, + plus per-loop iteration count + * `AFL_LLVM_BUG_SCALAR_SLICE=1` - restrict SCALAR instrumentation to + arithmetic that flows into a memory- + size sink (allocator size, GEP index, + memcpy/memset length). Implies SCALAR. + * `AFL_LLVM_BUG_BUDGET=1` - check `ptr += func()` write-extent + contract + * `AFL_LLVM_BUG_SIZEFILL=1` - check NULL-means-size-only idioms + * `AFL_LLVM_BUG_ALLOCSIZE=1` - track every malloc/calloc/realloc and + feed three signals (headroom IJON-min, + proximity-bucket coverage edge, soft-OOB + tripwire) per in-loop store + * `AFL_LLVM_BUG_SLACK=1` - per-icmp |op0-op1| feedback, mapped + MIN-style onto the bug map (inverse- + bucket) for tight-comparison signal + * `AFL_LLVM_BUG_ALLOCSIZE_FUNCS=Name1,Name2,...` - extend tracking + to user-listed custom allocators + * `AFL_LLVM_BUG_ALLOCSIZE_FREE_FUNCS=Name1,Name2,...` - matching + custom-free functions for the above + * `AFL_LLVM_BUG_ALLOCSIZE_DERIVE=1` - log tracked allocation sizes + into CmpLog RTN slots for `-l Z` + * `AFL_LLVM_BUG=1` - enable all bug-pass modes + Per-site bug-map slots are kept in a private MAP_SIZE_BUG region and + tracked max-rule (compatible with the IJON model) + - cmplog scheduling extensions (companion to bug-pass): + * `-l M` (afl-fuzz) - predicate-tightness scheduling. 
Treat any + new per-site minimum slack on an inequality CmpLog cmp as a + coverage event and mark the queue entry favoured. Catches the + libwebp-1.3.1 / CVE-2023-4863 input pattern (validation + predicates simultaneously at their tight edges). + * `AFL_LLVM_BUG_ALLOCSIZE_DERIVE=1` or `AFL_LLVM_BUG=1` + (compile-time) and + `-l Z` (afl-fuzz) - size-derive logging. On every freed tracked + allocation, write `(computed_size, max_observed_offset)` into a + CmpLog RTN slot keyed by alloc-site. The existing CmpLog + dictionary mining harvests `computed_size` as a magic constant + and feeds the producing input bytes back into havoc. + - afl-cmin*: + - nyx_mode is now working for all minimizer variants + - afl-showmap: + - no more .afl-showmap-temp-* files lying around + - IJON dist was changed to original IJON implementation: initial matching + bytes, max length is 1024 + - lib* tools: + - MacOS support is back, thanks to @Jay-1409 ! + +------------------------------------------------------------------- Old: ---- v4.40c.tar.gz New: ---- v5.00c.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ afl.spec ++++++ --- /var/tmp/diff_new_pack.At3Ar2/_old 2026-06-10 16:17:13.808583141 +0200 +++ /var/tmp/diff_new_pack.At3Ar2/_new 2026-06-10 16:17:13.808583141 +0200 @@ -29,11 +29,11 @@ %endif Name: afl -Version: 4.40c +Version: 5.00c Release: 0 Summary: American fuzzy lop is a security-oriented fuzzer #URL: https://lcamtuf.coredump.cx/afl/ -License: Apache-2.0 +License: AGPL-3.0-or-later AND Apache-2.0 URL: https://github.com/AFLplusplus/AFLplusplus Source: https://github.com/AFLplusplus/AFLplusplus/archive/v%{version}.tar.gz Source1: afl-rpmlintrc ++++++ v4.40c.tar.gz -> v5.00c.tar.gz ++++++ ++++ 25111 lines of diff (skipped)
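Review bot: the license paragraph in the afl.changes entry ("Files where the license could be switched were moved to AGPL 3.0+, files that were under Apache 2.0 with contributations stay on that license") does not say which files stayed Apache 2.0, and that is the one fact downstream users need: the compiler runtime that afl-cc links into every instrumented target is the file whose license matters for anyone shipping instrumented binaries, so the entry should name whether it is in the AGPL or the Apache set, or point at the upstream file listing it. Same paragraph: "contributations" should read "contributions". Minor wording point in the persistent-mode line: "opt out with AFL_FAST_CHILD_SYNC" leaves it unclear what value opts out (set, unset, or a specific value); stating it, e.g. "AFL_FAST_CHILD_SYNC=0", would save readers a trip to docs/env_variables.md.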
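Review bot: in the afl.spec hunk the Summary kept in context still reads "American fuzzy lop is a security-oriented fuzzer" while URL and Source already point at AFLplusplus, and the line above it is a stale commented-out `#URL: https://lcamtuf.coredump.cx/afl/`; a major version bump that also changes the License tag is the natural moment to update Summary to name AFL++ and drop the dead URL line. The new `License: AGPL-3.0-or-later AND Apache-2.0` is the correct SPDX form for the split described in afl.changes (switched files AGPL 3.0+, contributed Apache 2.0 files unchanged); since the old tag was plain `Apache-2.0`, the request description should call the license change out explicitly for legal review rather than relying on the changes entry alone.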
