Date: Wed, 24 Jul 2013 06:24:57 +0800 From: M Rusli <linuxsecuritymrusli@gmail.com> To: ports@freebsd.org, gnome@freebsd.org Subject: Fwd: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus Message-ID: <CADUSB=z=81K90pH0Jjpfv5_a6wjhmRPrkdXG2E%2BKQi2w=VapFA@mail.gmail.com> In-Reply-To: <CADUSB=wX1g6Tp9bXf3Hi%2BfTUPCvc8C5iL=6SaupMT6jjhZ6a1A@mail.gmail.com> References: <CADUSB=wR-VAkSYwHOXvnhPaT48WEePP8L7coTnbijV320=Y0Pw@mail.gmail.com> <CAPk1mureXe11Ci5aWNyWBQ1BO7yJ9baT=Y0X9XdGAeUkBx9cOA@mail.gmail.com> <CADUSB=wvWnV6AaJmof0ZUHa6s2-ejhgL9vQ8cUDsiPMooSx89w@mail.gmail.com> <51876AB2.50905@sourcefire.com> <CADUSB=xzPYXgrvqaOi1OCQY1mth6RFuDLi-Svw5=MWuPyTaH6w@mail.gmail.com> <5189238D.7020509@sourcefire.com> <CADUSB=wX1g6Tp9bXf3Hi%2BfTUPCvc8C5iL=6SaupMT6jjhZ6a1A@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Please take note of the issues. Thank you. ---------- Forwarded message ---------- From: M Rusli <linuxsecuritymrusli@gmail.com> Date: Wed, May 8, 2013 at 12:54 AM Subject: Fwd: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus To: Dave M <dave.nerd@gmail.com> ---------- Forwarded message ---------- From: Tom Judge <tjudge@sourcefire.com> Date: Tue, May 7, 2013 at 11:53 PM Subject: Re: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus To: M Rusli <linuxsecuritymrusli@gmail.com> Rusli, This signature will be dropped in the next couple of days due to high alert rate. Please be aware that all PUA signatures are advisory (Potentially unwanted application) rather than real alerts for malware. And as such they may alert on legitimate applications/files that you do want but others may not. Tom On 5/6/13 5:10 PM, M Rusli wrote: > Okay, > > This is from pcbsd 9.1. Is PUA is turn on clamtk detects as virus. If > it is turn off it did not. > > It's from Python 2.7 site packages. > > Attach is the file. > > It can be a false alarm with PUA turn on. > > By the way Dave, > > Please take note from Auscert. > > *ASB-2013.0061 - [UNIX/Linux] ClamAV: Reduced security - > Unknown/unspecified* <http://www.auscert.com.au/render.html?it=17463>; - > A number of vulnerabilities have been identified in ClamAV prior to > version 0.97.8. (30/04/2013) > > Thanks! > > > On Mon, May 6, 2013 at 4:32 PM, Tom Judge <tjudge@sourcefire.com > <mailto:tjudge@sourcefire.com>> wrote: > > Hi Rusli, > > I have sent this information over to the ClamAV detection team, to > validate that the signature is correct. Could you please send me a > copy of the file off list? > > > Thanks > > Tom Judge > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADUSB=z=81K90pH0Jjpfv5_a6wjhmRPrkdXG2E%2BKQi2w=VapFA>