Hey guys, On Thu, Jul 30, 2020 at 11:42:03AM +0200, Thomas Schmitt wrote: >Deparade Max wrote: >> I tried three times to download the 9.13 version ISO but Firefox keep saying >> that it might conaint a virus or malware. I need a verified answer whats >> going on there. >> I used following site: >> https://cdimage.debian.org/mirror/cdimage/archive/9.13.0/amd64/iso-cd/ >> And following ISO: >> debian-9.13.0-amd64-netinst.iso > >My quite freshly installed Firefox on Debian 10 says the same. > >But only on the first download. A second download does not cause that >warning of Firefox. >Neither do downloads of the other two ISOs on that page. > >My old Iceweasel on Debian 8 does not complain.
Right. We've had a few reports like this in the last few days. We *think* it's Firefox using Google's "safe browsing" stuff. I've raised a few tickets with Google already about this, but had no response yet. >Quite surely Debian does not put malware into its ISOs. No, *definitely* not. We're wondering if it might just be a hash collision or something. It's difficult to tell with ~zero diagnostics. :-/ >It would be interesting to see more details about how Firefox or other >virus scanners come to that idea. If they can tell a file name in the ISO >or a byte range in the ISO, then it would be possible to examine the >problem deeper. Nod. -- Steve McIntyre, Cambridge, UK. st...@einval.com Who needs computer imagery when you've got Brian Blessed?