----- Original Message -----
From: "Len Popp" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Wednesday, August 06, 2008 2:09 AM
Subject: Re: Avast Antivirus and apache-tomcat-6.0.18.exe
2008/8/5 Johnny Kewl <[EMAIL PROTECTED]>:
----- Original Message ----- From: "Mark Thomas" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Tuesday, August 05, 2008 11:09 PM
Subject: Re: Avast Antivirus and apache-tomcat-6.0.18.exe
Mark Thomas wrote:
Ангелин Лалев wrote:
Apparently the address is from Bulgarian mirror, where I am
automatically redirected when i load the
http://tomcat.apache.org/download-60.cgi.
The md5 sum is from there too.
If the alert is reproducable on binaries from other mirrors that still
don't mean it's a virus.
I had false warnings with Avast before.
Indeed. That is what I am trying to establish.
I am as sure as I can be that this is a false positive.
Mark
Hi Mark, I think so to, I scanned the zips, scanned native binaries...
conclude either something has snuck onto the MS build machine, or Avast
is
getting it wrong... I believe the later because it doesnt actually
identify
the virus, Win32 gen seems to be a generic warning with no description...
But all this doesnt really matter... one cant recommend users ignore it,
Avast is popular... and its just the kind of thing competition will
thrive
on... its negative marketing for TC.
It will probably go away with a slight mod to the build and I think it
has
to be marked as urgent and the instant the next build is ready, its
replaced.
I would actually remove it... just the Win32 service... the zip is fine.
Regards
JK
I agree that a false positive from Avast shouldn't be ignored, but I
think the correct solution is for someone @apache.org to contact Avast
and ask them to either explain what the problem is or remove Tomcat
from their virus definitions.
Sometimes the problem is caused by the installer program. There have
been cases where the anti-virus guys mistakenly extract a signature
from the installer program rather than the from the malware itself,
which causes false positives on other programs using the same
installer. Just a guess, but it seems likely here because Tomcat uses
the popular open-source Nullsoft installer.
Its picking it up in a temp file, and I think they going to say that its a
flook, it just so happens that the temp file is generating a virus
signature, my guess.
They probably cant do anything about it... and even if they did, it assumes
people actually download updates on Avast...
I think theres a momentum problem in this approach, all be it the right
one... just unlucky.
I dont see it in other installer versions which I imagine all use null soft.
Its damn interesting though... looking forward to what Avast says...
---------------------------------------------------------------------------
HARBOR : http://www.kewlstuff.co.za/index.htm
The most powerful application server on earth.
The only real POJO Application Server.
See it in Action : http://www.kewlstuff.co.za/cd_tut_swf/whatisejb1.htm
---------------------------------------------------------------------------
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
