(Thanks to Patrick for bringing this issue to my attention.)

American Fuzzy Lop ("afl", Fedora package american-fuzzy-lop) is an instrumentation-driven fuzzer for binary formats.

ClamAV is a (Windows?) virus scanner.

Afl's documentation comes with some demonstration vulnerabilities found by afl. These are shipped in the source tarball and SRPM and also installed as a %doc section in the binary (/usr/share/doc/american-fuzzy-lop/vuln_samples/).

Unfortunately some of these samples trigger ClamAV "Win.Exploit.CVE_2015_0076-1 FOUND". In this particular case it appears to be one or more of these files:

  jxrlib-crash2.jxr
  jxrlib-crash3.jxr
  jxrlib-crash4.jxr
  jxrlib-crash.jxr
  msie-jxr-mem-leak.jxr

which contain a badly formatted JPEG XR file that triggered a mild CVE in Windows:

  https://technet.microsoft.com/en-us/library/security/ms15-029.aspx

(so this is not a false positive or over-active virus scanner).

I'm inclined to ignore this and point people to this posting if there are any bugs filed. But maybe there is some Fedora policy which applies here?

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com