Hello Marc, interesting discovery. I can't figure out why the liquidwar authors chose to package an exploit against an older version of their game in their newer tarballs, but there it is.
It looks like a real exploit against 2003 slackware and gentoo builds of the game; it's not really a false positive in the usual sense of "virus scanners are black boxes that never explain why they mark something as a virus". This is a real exploit that probably worked once upon a time. I couldn't find anything in the packaging or build system that would actually use the file. I can't find any evidence of the exploit in the binary packages -- it appears unbuilt. The two virustotal URLs are showing different things: the first link shows that the tarball has a suspicious file inside -- which it does. The second link shows how various URL "safety" sources treat that specific URL, and isn't any indication on the contents of the file. The tarballs containing this file were released in 2008 and in 2018; they are the original upstream sources. Because this file poses basically no risk to anyone I think we add this as a known case to the FAQ and leave it alone. We can't easily remove files from our archive network and all our volunteer mirror sites -- while we have the ability, it violates many assumptions about how our software distribution works, and runs the risk of breaking users. If this were a threat to our users it might be a different calculus but this file is harmless itself. It might be worth asking the LiquidWar upstream authors to remove the file from future tarballs so that we might be rid of these warnings in ten years, but since the 2018 release is their most recent, that may not be a priority for them, either. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1876121 Title: liquidwar_5.6.4.orig.tar.gz shows infected with Exploit-Generic.src Trojan To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/liquidwar/+bug/1876121/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
