[llvm] 5b5c57d - Add llvm-project archive issues for Chromium bug tracker (#132030)
via llvm-commits
llvm-commits at lists.llvm.org
Wed May 21 01:46:59 PDT 2025
Author: Peter Smith
Date: 2025-05-21T09:46:56+01:00
New Revision: 5b5c57d3223ecfdb5af9346cfc48ca9d482a5698
URL: https://github.com/llvm/llvm-project/commit/5b5c57d3223ecfdb5af9346cfc48ca9d482a5698
DIFF: https://github.com/llvm/llvm-project/commit/5b5c57d3223ecfdb5af9346cfc48ca9d482a5698.diff
LOG: Add llvm-project archive issues for Chromium bug tracker (#132030)
The Chromium bug tracker is in an archived state. The Security Response
Group has preemptively created llvm-project GitHub issues with PDF
copies of the Chromium issues should the repository become inaccessible.
* Add URLs for redirects from
https://bugs.chromium.org/p/llvm/issues/detail?id=X to
https://issuetracker.google.com/issues/y
* Add URLs to llvm-project archive issues.
* Add an explanation of archive use.
Added:
Modified:
llvm/docs/SecurityTransparencyReports.rst
Removed:
################################################################################
diff --git a/llvm/docs/SecurityTransparencyReports.rst b/llvm/docs/SecurityTransparencyReports.rst
index 3a91ab1a52479..e4d7c23236b6c 100644
--- a/llvm/docs/SecurityTransparencyReports.rst
+++ b/llvm/docs/SecurityTransparencyReports.rst
@@ -2,7 +2,21 @@
LLVM Security Group Transparency Reports
========================================
-This page lists the yearly LLVM Security group transparency reports.
+This page lists the yearly LLVM Security Response group transparency reports.
+
+The LLVM Security Response group started out as the LLVM security group, previous
+year's transparency reports keep the original name.
+
+Initially the Chromium issue tracker was used to record issues. This
+component has been archived and is read-only. A GitHub
+llvm/llvm-project issue has been created for each issue in the
+Chromium issue tracker. All of these issues contain an attached PDF
+with the content of the Chromium issue, and have the SecurityArchive
+label.
+
+Each Chromium issue has 3 URLs, the first is the original URL recorded in
+previous transparency reports. The second is the redirect URL to the archive.
+The third is to the GitHub archive issue.
2021
----
@@ -29,8 +43,13 @@ In 2021, the security group received 13 issue reports that were made publicly
visible before 31st of December 2021. The security group judged 2 of these
reports to be security issues:
-* https://bugs.chromium.org/p/llvm/issues/detail?id=5
-* https://bugs.chromium.org/p/llvm/issues/detail?id=11
+* original: https://bugs.chromium.org/p/llvm/issues/detail?id=5
+ redirect: https://issuetracker.google.com/issues/42410043 archive:
+ https://github.com/llvm/llvm-project/issues/125709
+
+* original: https://bugs.chromium.org/p/llvm/issues/detail?id=11
+ redirect: https://issuetracker.google.com/issues/42410002 archive:
+ https://github.com/llvm/llvm-project/issues/127644
Both issues were addressed with source changes: #5 in clangd/vscode-clangd, and
#11 in llvm-project. No dedicated LLVM release was made for either.
@@ -54,24 +73,32 @@ the time of writing this transparency report.
5 of these were judged to be security issues:
-* https://bugs.chromium.org/p/llvm/issues/detail?id=17 reports a miscompile in
- LLVM that can result in the frame pointer and return address being
- overwritten. This was fixed.
+* https://bugs.chromium.org/p/llvm/issues/detail?id=17 reports a miscompile in LLVM
+ that can result in the frame pointer and return address being overwritten. This
+ was fixed. Redirect: https://issuetracker.google.com/issues/42410008 archive:
+ https://github.com/llvm/llvm-project/issues/127645
-* https://bugs.chromium.org/p/llvm/issues/detail?id=19 reports a vulnerability
- in `std::filesystem::remove_all` in libc++. This was fixed.
+* https://bugs.chromium.org/p/llvm/issues/detail?id=19 reports a vulnerability in
+ `std::filesystem::remove_all` in libc++. This was fixed.
+ Redirect: https://issuetracker.google.com/issues/42410010 archive:
+ https://github.com/llvm/llvm-project/issues/127647
* https://bugs.chromium.org/p/llvm/issues/detail?id=23 reports a new Spectre
gadget variant that Speculative Load Hardening (SLH) does not mitigate. No
extension to SLH was implemented to also mitigate against this variant.
+ Redirect: https://issuetracker.google.com/issues/42410015 archive:
+ https://github.com/llvm/llvm-project/issues/127648
* https://bugs.chromium.org/p/llvm/issues/detail?id=30 reports missing memory
safety protection on the (C++) exception handling path. A number of fixes
- were implemented.
+ were implemented. Redirect: https://issuetracker.google.com/issues/42410023
+ archive: https://github.com/llvm/llvm-project/issues/127649
* https://bugs.chromium.org/p/llvm/issues/detail?id=33 reports the RETBLEED
vulnerability. The outcome was clang growing a new security hardening feature
`-mfunction-return=thunk-extern`, see https://reviews.llvm.org/D129572.
+ Redirect: https://issuetracker.google.com/issues/42410026 archive:
+ https://github.com/llvm/llvm-project/issues/127650
No dedicated LLVM releases were made for any of the above issues.
@@ -84,33 +111,52 @@ that were received earlier, but were disclosed in 2023.
9 of these were judged to be security issues:
-https://bugs.chromium.org/p/llvm/issues/detail?id=36 reports the presence of
-.git folder in https://llvm.org/.git.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=66 reports the presence of
-a GitHub Personal Access token in a DockerHub imaage.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=42 reports a potential gap
-in the Armv8.1-m BTI protection, involving a combination of large switch statements
-and __builtin_unreachable() in the default case.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=43 reports a dependency
-on an old version of xml2js with a CVE filed against it.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=45 reports a number of
-dependencies that have had vulnerabilities reported against them.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=46 is related to issue 43.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=48 reports a buffer overflow
-in std::format from -fexperimental-library.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=54 reports a memory leak in
-basic_string move assignment when built with libc++ versions <=6.0 and run against
-newer libc++ shared/dylibs.
-
-https://bugs.chromium.org/p/llvm/issues/detail?id=56 reports an out of bounds buffer
-store introduced by LLVM backends, that regressed due to a procedural oversight.
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=36 reports the presence of
+ .git folder in https://llvm.org/.git. Redirect:
+ https://issuetracker.google.com/issues/42410029 archive:
+ https://github.com/llvm/llvm-project/issues/131841
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=66 reports the presence of a
+ GitHub Personal Access token in a DockerHub imaage. Redirect
+ https://issuetracker.google.com/issues/42410060 archive:
+ https://github.com/llvm/llvm-project/issues/131846
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=42 reports a potential gap
+ in the Armv8.1-m BTI protection, involving a combination of large switch statements
+ and __builtin_unreachable() in the default case. Redirect:
+ https://issuetracker.google.com/issues/42410035 archive:
+ https://github.com/llvm/llvm-project/issues/131848
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=43 reports a dependency
+ on an old version of xml2js with a CVE filed against it. Redirect:
+ https://issuetracker.google.com/issues/42410036 archive:
+ https://github.com/llvm/llvm-project/issues/131849
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=45 reports a number of
+ dependencies that have had vulnerabilities reported against them. Redirect:
+ https://issuetracker.google.com/issues/42410038 archive:
+ https://github.com/llvm/llvm-project/issues/131851
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=46 is related to
+ issue 43. Redirect https://issuetracker.google.com/issues/42410039 archive:
+ https://github.com/llvm/llvm-project/issues/131852
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=48 reports a buffer overflow in
+ std::format from -fexperimental-library. Redirect:
+ https://issuetracker.google.com/issues/42410041 archive:
+ https://github.com/llvm/llvm-project/issues/131856
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=54 reports a memory leak in
+ basic_string move assignment when built with libc++ versions <=6.0 and run against
+ newer libc++ shared/dylibs. Redirect:
+ https://issuetracker.google.com/issues/42410047 archive:
+ https://github.com/llvm/llvm-project/issues/131857
+
+ * https://bugs.chromium.org/p/llvm/issues/detail?id=56 reports an out
+ of bounds buffer store introduced by LLVM backends, that regressed
+ due to a procedural oversight. Redirect
+ https://issuetracker.google.com/issues/42410049 archive:
+ https://github.com/llvm/llvm-project/issues/131858
No dedicated LLVM releases were made for any of the above issues.
@@ -152,10 +198,14 @@ publishing security advisories for those issues at
https://github.com/llvm/llvm-security-repo/security/advisories/.
1. “Unexpected behavior when using LTO and branch-protection together” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=58
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=58 |br|
+ redirect: https://issuetracker.google.com/issues/42410051 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132185
2. “Security weakness in PCS for CMSE”
(`CVE-2024-0151 <https://nvd.nist.gov/vuln/detail/CVE-2024-0151>`_) |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=68
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=68 |br|
+ redirect: https://issuetracker.google.com/issues/42410062 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132186
3. “CMSE secure state may leak from stack to floating-point registers”
(`CVE-2024-7883 <https://www.cve.org/cverecord?id=CVE-2024-7883>`_) |br|
Details are available at
@@ -165,9 +215,13 @@ Supply chain security related issues and project services-related issues
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1. “GitHub User Involved in xz backdoor may have attempted to change to clang in order to help hide the exploit” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=71
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=71 |br|
+ redirect: https://issuetracker.google.com/issues/42410066 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132187
2. “llvmbot account suspended due to supicious login” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=72
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=72 |br|
+ redirect: https://issuetracker.google.com/issues/42410067 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132243
3. “.git Exposure” |br|
GHSA-mr8r-vvrc-w6rq |br|
The .git directory was accessible via web browsers under apt.llvm.org, a site
@@ -204,23 +258,41 @@ Issues deemed to not require coordinated action before disclosing publicly
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1. “Clang Address Sanitizer gives False Negative for Array Out of Bounds Compiled with Optimization” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=57
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=57 |br|
+ redirect: https://issuetracker.google.com/issues/42410050 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132191
2. “Found exposed .svn folder” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=59
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=59 |br|
+ redirect: https://issuetracker.google.com/issues/42410052
+ archive: https://github.com/llvm/llvm-project/issues/132192
3. “Arbitrary code execution when combining SafeStack \+ dynamic stack allocations \+ \_\_builtin\_setjmp/longjmp” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=60
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=60 |br|
+ redirect: https://issuetracker.google.com/issues/42410054
+ archive: https://github.com/llvm/llvm-project/issues/132220
4. “RISC-V: Constants are allocated in writeable .sdata section” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=61
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=61 |br|
+ redirect: https://issuetracker.google.com/issues/42410055 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132223
5. “Manifest File with Out-of-Date Dependencies with CVEs” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=62
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=62 |br|
+ redirect: https://issuetracker.google.com/issues/42410056 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132225
6. “Non-const derived ctor should fail compilation when having a consteval base ctor” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=67
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=67 |br|
+ redirect: https://issuetracker.google.com/issues/42410061 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132226
7. “Wrong assembly code generation. Branching to the corrupted "LR".” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=69
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=69 |br|
+ redirect: https://issuetracker.google.com/issues/42410063 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132229
8. “Security bug report” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=70
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=70 |br|
+ redirect: https://issuetracker.google.com/issues/42410065 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132233
9. “Using ASan with setuid binaries can lead to arbitrary file write and elevation of privileges” |br|
- Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=73
+ Details are available at https://bugs.chromium.org/p/llvm/issues/detail?id=73 |br|
+ redirect: https://issuetracker.google.com/issues/42410068 |br|
+ archive: https://github.com/llvm/llvm-project/issues/132235
10. “Interesting bugs for bool variable in clang projects and aarch64 modes outputting inaccurate results.” |br|
GHSA-w7qc-292v-5xh6 |br|
The issue reported is on a source code example having undefined behaviour
@@ -282,4 +354,4 @@ as part of migrating to GitHub's “security advisory”-based reporting:
1. “Test if new draft security advisory gets emailed to LLVM security group” |br|
GHSA-82m9-xvw3-rvpv
2. “Test that a non-admin can create an advisory (no vulnerability).” |br|
- GHSA-34gr-6c7h-cc93
\ No newline at end of file
+ GHSA-34gr-6c7h-cc93
More information about the llvm-commits
mailing list