Package: general Severity: normal Some of the source packages were caught on a gateway anti-virus scanner while downloading.
These are the exact downloads: http://ftp.fi.debian.org/debian/pool/main/libm/libmime-explode-perl/libmime- explode-perl_0.39.orig.tar.gz http://ftp.fi.debian.org/debian/pool/main/p/pymilter/pymilter_0.9.5.orig.tar.gz http://ftp.fi.debian.org/debian/pool/main/libm/libmail-deliverystatus- bounceparser-perl/libmail-deliverystatus-bounceparser-perl_1.531.orig.tar.gz http://ftp.fi.debian.org/debian/pool/main/l/linkchecker/linkchecker_7.9.orig.tar.bz2 I also uploaded the archives to virustotal.com for scanning with multiple vendors: https://www.virustotal.com/en/file/2403530b352c591464b96b37173031749c993967ed6e1375b6d295ef84576ac9/analysis/ https://www.virustotal.com/en/file/2edb67ca8b8831991d7ba24092829e775355e5a35aeae61cac52de0dc82b2fd5/analysis/ https://www.virustotal.com/en/file/af45514ed8ad5491c8dd1d682a5061c79f624e1789abef3f27e92bcd3653c052/analysis/ https://www.virustotal.com/en/file/7bb478a4f9512e1dfe77c658f0410d62d9af91cedc35ee7aaaff6bc9a56d7f85/analysis/ I looked into one of these, libmail-deliverystatus-bounceparser- perl_1.531.orig.tar.gz, and found multipart email file containing zip attachment. Inside this archive is a .pif file (PE32 executable for MS Windows) which is detected as Win32.Worm.Mytob.EF. This doesn't look like a false positive. I hope that the source packages would be sanitized from any actual malware samples. -- System Information: Debian Release: 7.2 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131015102815.23380.68872.report...@debian.f-secure.com