Re: virus detection with GData
jan iversen wrote: > OK I stand corrected, but my proposal is the same, because it still > informs people, that this is not something to worry about. > What would be your proposed naming scheme? Cheers, -- Thorsten signature.asc Description: Digital signature ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: virus detection with GData
> > none of these files actually contains a virus, they just have malformed > content that tend to trigger anti-virus heuristics. > OK I stand corrected, but my proposal is the same, because it still informs people, that this is not something to worry about. rgds jan i. > > ___ > LibreOffice mailing list > LibreOffice@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/libreoffice ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: virus detection with GData
> the CVE-* files in the same directory are all encrypted with some dummy > password, so that virus scanners don't complain about them. > > vcl/qa/cppunit/graphicfilter/data/README > > i've taken the liberty to encrypt these now on master with > 18b0343010517daa1eaf52a17ef19564076e1f3a, so you should only get virus > warnings when the tests are actually running (because the files will be > written unencrypted to temporary files), which can be avoided with > --disable-cve-tests. Can I suggest we name files, that contain virus especially (like CVE-* and VIRUS-*) so that it is obvious that the file contains a "wanted" virus. rgds jan i. ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: virus detection with GData
On 05.01.2016 15:09, jan iversen wrote: > > >> the CVE-* files in the same directory are all encrypted with some dummy >> password, so that virus scanners don't complain about them. >> >> vcl/qa/cppunit/graphicfilter/data/README >> >> i've taken the liberty to encrypt these now on master with >> 18b0343010517daa1eaf52a17ef19564076e1f3a, so you should only get virus >> warnings when the tests are actually running (because the files will be >> written unencrypted to temporary files), which can be avoided with >> --disable-cve-tests. > > Can I suggest we name files, that contain virus especially (like > CVE-* and VIRUS-*) so that it is obvious that the file contains a "wanted" > virus. none of these files actually contains a virus, they just have malformed content that tend to trigger anti-virus heuristics. ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: virus detection with GData
On 28.12.2015 22:06, Markus Mohrhard wrote: > Hey, > > On Mon, Dec 28, 2015 at 9:57 PM, Regina Henschel > <rb.hensc...@t-online.de <mailto:rb.hensc...@t-online.de>> wrote: > > Hi all, > > I get a virus detection from scanner GData on the files > crash-1.tiff and hang-7.tiff in filter\qa\cppunit\data\tiff\fail, > both Exploit.CVE-2015-5097-Gen > > and a suspected virus on the file hang-3.wmf in > vcl\qa\cppunit\graphicfilter\data\wmf\fail\ with > Exploit.Win32.MS04-032.Gen > > > you can safely ignore these reports. Our */qa directories contain a > number of files that are detected by various virus scanners. The files > are there to prevent regressions with security issues. it looks like the hang-*.tiff and hang-*.wmf are not encrypted. the CVE-* files in the same directory are all encrypted with some dummy password, so that virus scanners don't complain about them. vcl/qa/cppunit/graphicfilter/data/README i've taken the liberty to encrypt these now on master with 18b0343010517daa1eaf52a17ef19564076e1f3a, so you should only get virus warnings when the tests are actually running (because the files will be written unencrypted to temporary files), which can be avoided with --disable-cve-tests. ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
virus detection with GData
Hi all, I get a virus detection from scanner GData on the files crash-1.tiff and hang-7.tiff in filter\qa\cppunit\data\tiff\fail, both Exploit.CVE-2015-5097-Gen and a suspected virus on the file hang-3.wmf in vcl\qa\cppunit\graphicfilter\data\wmf\fail\ with Exploit.Win32.MS04-032.Gen Kind regards Regina ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: virus detection with GData
Hey, On Mon, Dec 28, 2015 at 9:57 PM, Regina Henschel <rb.hensc...@t-online.de> wrote: > Hi all, > > I get a virus detection from scanner GData on the files > crash-1.tiff and hang-7.tiff in filter\qa\cppunit\data\tiff\fail, both > Exploit.CVE-2015-5097-Gen > > and a suspected virus on the file hang-3.wmf in > vcl\qa\cppunit\graphicfilter\data\wmf\fail\ with Exploit.Win32.MS04-032.Gen > > you can safely ignore these reports. Our */qa directories contain a number of files that are detected by various virus scanners. The files are there to prevent regressions with security issues. If you want to know why they were added you can easily have a look with something like git log -- filter/qa/cppunit/data/tiff/fail/hang-7.tiff which would show you that Caolan has added that file to check for a problem with some types of files. I think most of the new crash* and hang* files have been added as a result of the AFL testing. Regards, Markus ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice