https://issues.apache.org/ooo/show_bug.cgi?id=118706
orcmid <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from orcmid <[email protected]> 2011-12-29 20:01:52 UTC --- Why are we so quick to close these without further information from the reporter? OBSERVATIONS The nightly builds and other developer builds can trigger warnings from security software for several reasons: 1. The Windows installer is not digitally signed; that may lead to warnings and different treatment depending on security settings and severity thresholds. 2. Some download software (such as Internet Explorer and Microsoft Security Extensions) develop white-lists and black-lists for downloads. A download that doesn't have a recognized signature (a category that new builds fall into) because it has not been seen downloaded before and has no assessment of its safety will provoke warnings. There are even options to submit the file for assessment and determination of the safety of the file for future encounters. There is always reason for concern in the case of a security warning, even if it is likely to be a false positive (or precautionary warning). We need to find out enough details so that guidance on confirmation of valid developer builds and their locations can be provided and to have assurance that a counterfeit, malicious build is not being passed around. To brush someone off with a support link is inappropriate unless there is a specific support location for this situation. -- Configure bugmail: https://issues.apache.org/ooo/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
