Re: Bug#726393: general: Possible malware infections in source packages

To: debian-devel@lists.debian.org
Subject: Re: Bug#726393: general: Possible malware infections in source packages
From: Thorsten Glaser <tg@mirbsd.de>
Date: Tue, 15 Oct 2013 15:26:50 +0000 (UTC)
Message-id: <[🔎] loom.20131015T172545-585@post.gmane.org>
References: <[🔎] 20131015102815.23380.68872.reportbug@debian.F-Secure.com>

Jarkko Palviainen <jarkko.palviainen <at> f-secure.com> writes:

> I looked into one of these, libmail-deliverystatus-bounceparser-
> perl_1.531.orig.tar.gz, and found multipart email file containing zip
> attachment. Inside this archive is a .pif file (PE32 executable for MS
Windows)
> which is detected as Win32.Worm.Mytob.EF.
> 
> This doesn't look like a false positive.

And yet, it’s totally legit: the file in question is an eMail archive
of a mail containing such virus for other platform, in order to test
against it so that the Perl script in question doesn’t exhibit any
bugs wrt. that.

> I hope that the source packages would
> be sanitized from any actual malware samples.

It’s not Malware if you’re running Debian.

bye,
//mirabilos

Reply to:

References:
- Bug#726393: general: Possible malware infections in source packages
  - From: Jarkko Palviainen <jarkko.palviainen@f-secure.com>

Prev by Date: Bug#726412: ITP: liblog-any-adapter-filehandle-perl -- basic Log::Any::Adapter to forward messages to a filehandle
Next by Date: Bug#726414: ITP: libfailures-perl -- minimalist exception hierarchy generator
Previous by thread: Bug#726393: marked as done (general: Possible malware infections in source packages)
Next by thread: mips64el port build failed list
Index(es):
- Date
- Thread