Hey, just checked it using ClamXav on my mac and found the „exploit“ as well but only in an older version (4.0.2). The current master is ok and does not have any detected vulnerability may it be a false positive or not. Regards, Martin
> Am 27.04.2015 um 19:41 schrieb Matt Davis - NOAA Federal > <matt.w.da...@noaa.gov>: > > This is more of a heads up for qooxdoo admins than anything, and could > possibly be a false positive, but I felt I should at least relay this info. > One of my developers sent this to me: > > On my CentOS 6 laptop, using the ClamAV application to run a routine check > for viruses, it alerted me to the fact that > iris/client/qooxdoo-4.0.1-sdk/component/standalone/website/script/q.js > contains the Html.Exploit.CVE.2015.1665 vulnerability. You can review this > at both http://www.cvedetails.com/cve/CVE-2015-1665/ and > http://www.zerodayinitiative.com/advisories/ZDI-15-128/. > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y_______________________________________________ > qooxdoo-devel mailing list > qooxdoo-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ qooxdoo-devel mailing list qooxdoo-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
