rpms/elfutils
5
0
Fork 0
Code Issues Pull Requests Releases Activity
178121d8af
elfutils/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE

6 lines
383 B
Plaintext
Raw Normal View History

Introduce CI gating setup for elfutils Set up CI gating. This will introduce new testcase called fedora-ci.koji-build.tier0.functional and will configure it as a mandatory CI gating testcase for elfutils fedora builds. The provided test coverage comes from RHEL. This commit "upstreams" it and makes it public. The test cases are executed by running ./runtest.sh. The main.fmf file keeps the testcase metadata. Makefiles and PURPOSE files are legacy and could be dropped. We keep them for backward compatibility though. The plans and .fmf folders contain configuration files needed for execution of provided testcases within the Fedora CI infrastructure. Rest of the provided files are reproducer or helper files. Provided tests use Flexible Metadata Format, as documented in https://fmf.readthedocs.io/ . plans/ci.fmf: Change how from beakerlib to tmt Removed tests that didn't run unprivileged with tmt run --all provision --how=local - tests/Regression/GNU-Property-notes-not-recognized Tries to install extra pacakger with yum. - tests/Regression/bz447416-segfaults Tries to do eu-stack -p 1 - tests/Regression/elfutils-default-yama-scope-scriptlet-failed Does not have permission to do: grep /var/log/anaconda/packaging.log - tests/Sanity/yama-scope su: user ptrace_scope_testuser does not exist or the user entry does not contain all the required fields - tests/testsuite yum-builddep -y /tmp/tmp.7gnbiIzrYg/SPECS/elfutils.spec - tests/Regression/rpmtests Tries to download and builddep src.rpm package from koji. Removed not enabled tests: - tests/Regression/bz652858-elfutils-prelink-stap-interaction - tests/Sanity/elfutils-debuginfod CVE reproducers are now public, so no longer confidential. Remove unused tests/Sanity/elfutils-debuginfod/typescript
2021-03-24 09:53:42 +00:00
PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
Description: CVE-2018-16402-double-free-due-to-double-decompression
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
Reference in New Issue Copy Permalink