[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#726393: general: Possible malware infections in source packages

On Tuesday 15 October 2013 13:19:38 Thijs Kinkhorst wrote:
> > It isn't a false positive in that regard that the package *does* in fact
> > contain the virus sample. However, it *is* a false positive, as the
> > sample is there intentionally, and no virus scanner can guess the reason
> > why it is there. It does no harm in the location where it is, it will
> > not spread, so is it in fact a virus? No, it isn't.
> I'm missing why the package cannot use the EICAR test virus signature for
> its purposes.

In libmail-deliverystatus-bounceparser-perl case, the virus is used on the 
non-regressions test which are shipped in the original tarball (and in Debian 
*source* package). This virus is *not* shipped in Debian binary package.


 https://github.com/dod38fr/   -o- http://search.cpan.org/~ddumont/
http://ddumont.wordpress.com/  -o-   irc: dod at irc.debian.org

Reply to: