Re: Bug#726393: general: Possible malware infections in source packages

To: debian-devel@lists.debian.org
Cc: 726393@bugs.debian.org, "Jarkko Palviainen" <jarkko.palviainen@f-secure.com>
Subject: Re: Bug#726393: general: Possible malware infections in source packages
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Tue, 15 Oct 2013 15:10:14 +0200
Message-id: <[🔎] feddfe6413aac40df1f273906a8e30a2.squirrel@aphrodite.kinkhorst.nl>
In-reply-to: <[🔎] 2288634.F14KR057Sc@ylum>
References: <[🔎] 20131015102815.23380.68872.reportbug@debian.F-Secure.com> <[🔎] 20131015105436.GA15762@keks.naturalnet.de> <[🔎] 54f73ee1a529788f845b9918870d74b3.squirrel@aphrodite.kinkhorst.nl> <[🔎] 2288634.F14KR057Sc@ylum>

On Tue, October 15, 2013 14:09, Dominique Dumont wrote:
> In libmail-deliverystatus-bounceparser-perl case, the virus is used on the
> non-regressions test which are shipped in the original tarball (and in
> Debian *source* package). This virus is *not* shipped in Debian binary
> package.

I'm still not sure why the virus contained in the source could not be
replaced by the EICAR test signature.

Setting off false positive alarms masks true positives so should be
avoided as much as possible.

The EICAR test signature exists exactly for the purpose of tests. I would
consider any other virus sample shipped by Debian, beit source or binary,
a bug and I invite Jarkko to report them as such against the respective
packages, so they can be solved in coordination with their upstreams.

Cheers,
Thijs

Reply to:

Follow-Ups:
- Bug#726393: general: Possible malware infections in source packages
  - From: Thorsten Glaser <t.glaser@tarent.de>

References:
- Bug#726393: general: Possible malware infections in source packages
  - From: Jarkko Palviainen <jarkko.palviainen@f-secure.com>
- Bug#726393: general: Possible malware infections in source packages
  - From: Dominik George <nik@naturalnet.de>
- Bug#726393: general: Possible malware infections in source packages
  - From: "Thijs Kinkhorst" <thijs@debian.org>
- Re: Bug#726393: general: Possible malware infections in source packages
  - From: Dominique Dumont <dod@debian.org>

Prev by Date: Bug#726393: marked as done (general: Possible malware infections in source packages)
Next by Date: Bug#726405: ITP: libmateweather -- MateWeather shared library
Previous by thread: Re: Bug#726393: general: Possible malware infections in source packages
Next by thread: Bug#726393: general: Possible malware infections in source packages
Index(es):
- Date
- Thread