Re: [cmake-developers] Trojan in latest release
On 3/22/19 9:56 AM, Brad King wrote: > > https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-win64-x64.zip > > and uploaded just `bin/cmake.exe` to virustotal.com: it does claim > that `Trojan:Win32/Skeeyah.I` appears: > > This is almost certainly a false positive. I've replaced the binaries with a new build that does not trigger the report. The new `bin/cmake.exe` is identical in size and has very few bytewise differences. -Brad -- Powered by www.kitware.com Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Kitware offers various services to support the CMake community. For more information on each offering, please visit: CMake Support: http://cmake.org/cmake/help/support.html CMake Consulting: http://cmake.org/cmake/help/consulting.html CMake Training Courses: http://cmake.org/cmake/help/training.html Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Follow this link to subscribe/unsubscribe: https://cmake.org/mailman/listinfo/cmake-developers
Re: [cmake-developers] Trojan in latest release
On 3/21/19 12:21 PM, Cristian Adam wrote: > Also worth mentioning that Virustotal has nothing on both 32 and 64 bit files: I extracted https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-win64-x64.zip and uploaded just `bin/cmake.exe` to virustotal.com: it does claim that `Trojan:Win32/Skeeyah.I` appears: https://www.virustotal.com/#/file/c63217be5459bea702f905cb8a27097d89b94c5c1e25d09089a2f401da7a51ac/detection This is almost certainly a false positive. None of the other `.exe` files in the zip have it. Also `bin/cmake.exe` from the 3.14.0-rc* series of binaries and the nightly binaries before and after the release all report as clean. -Brad -- Powered by www.kitware.com Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Kitware offers various services to support the CMake community. For more information on each offering, please visit: CMake Support: http://cmake.org/cmake/help/support.html CMake Consulting: http://cmake.org/cmake/help/consulting.html CMake Training Courses: http://cmake.org/cmake/help/training.html Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Follow this link to subscribe/unsubscribe: https://cmake.org/mailman/listinfo/cmake-developers
Re: [cmake-developers] Trojan in latest release
On Thu, Mar 21, 2019 at 7:40 PM Brad King via cmake-developers < cmake-developers@cmake.org> wrote: > On 3/21/19 2:01 PM, kevin wrote: > > I have not actually seen the file, because windows defender is > > preventing the download from completing. > > I just tried using MS Edge on an up-to-date Win 10 Pro with > Windows Defender enabled. It is able to download and scan > the file, and finds nothing. > > I've opened up a ticket regarding Authenticode: https://gitlab.kitware.com/cmake/cmake/issues/19077 CMake should have support for Authenticode, and should serve as an example with it's own CMake code. Cheers, Cristian. -- Powered by www.kitware.com Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Kitware offers various services to support the CMake community. For more information on each offering, please visit: CMake Support: http://cmake.org/cmake/help/support.html CMake Consulting: http://cmake.org/cmake/help/consulting.html CMake Training Courses: http://cmake.org/cmake/help/training.html Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Follow this link to subscribe/unsubscribe: https://cmake.org/mailman/listinfo/cmake-developers