Hi Christian, Thank you very much for your reply. Agree, we can close this bug.
Kind regards *Maciej Krakowiak* Application Security Engineer pandadoc.com <https://www.pandadoc.com/> On Sun, Feb 23, 2025 at 6:03 PM Christian Kastner <[email protected]> wrote: > Hi Maciej, > > On 2025-02-21 14:21, Maciej Krakowiak wrote: > > Package: libcap-dev > > > > Version: 1:2.66-4 > > > > Recently, I have observed that the file "exploit," which sits in the > > "tests" catalog, has been flagged as malicious by different scanning > > engines. > > > > I think this might be expected, > > yes, this can only be a false positive. The test is designed to attempt > an exploit, which is expected to fail. > > Looking at tests/exploit.c, I assume this was flagged by name or > keywords, as it doesn't contain any operation that looks suspicious, at > least immediately. > > > but I was wondering if anything > > has changed recently, as this file was not flagged before. > > There have been meaningful changes since the initial release with Debian > package version 1:2.45-1, see [1]. > > Unless you have a reasonable objection, I'd like to close this bug. In > any case, thanks for the report, better to be safe than sorry. > > Best, > Christian > > > This has been flagged on different OS distributions. > > > > Example of Virus Total report: https://www.virustotal.com/gui/ > > file/8c8d3b51fc454748ab8aea76a329cccca95e1e683d1a879a8b90aaa1d7158792 > > <https://www.virustotal.com/gui/ > > file/8c8d3b51fc454748ab8aea76a329cccca95e1e683d1a879a8b90aaa1d7158792> > > [1]: > https://git.kernel.org/pub/scm/libs/libcap/libcap.git/log/tests/exploit.c >
