Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 05 Jun 2013 14:39:41 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Re: 1.8 jumbo1 (steps needed)

On 2013-06-05 02:29, Solar Designer wrote:
>> Since we are not exactly in a known-bugfree state anyway, I'd be happy to wait until your upcoming dynamic changes are in. Then it needs some systematical testing but I am not aware of any bugs that block a release. Issues I know about are here:
>> https://github.com/magnumripper/JohnTheRipper/issues
>
> What about the various valid() crashes spotted with Alexander's fuzzers?
> Have 100% of them been fixed?  If not, this is something to do now.  If
> Dhiru is failing to take care of all of these within, say, 2 days more,
> perhaps someone else should take over.  It's not much work, really.

For unstable: we fixed everything in cpu that was posted except for rar 
crash (and I don't want to touch it) and garbage output in pfx (not sure 
what is a best way to deal with it; but it's not critical). IIUC nobody 
tried my fuzzer against gpu formats and nobody tried to systematically 
synchonize valids in gpu and cpu formats.

For bleeding: for me at least the following formats crash:

aix-ssha512
cloudkeychain
django
fde
netlmv2
openssl-enc
pbkdf2-hmac-sha512
rar
RAR5

I'll post crachers a bit later.

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ