Re: Bug#726393: general: Possible malware infections in source packages
Jarkko Palviainen <jarkko.palviainen <at> f-secure.com> writes:
> I looked into one of these, libmail-deliverystatus-bounceparser-
> perl_1.531.orig.tar.gz, and found multipart email file containing zip
> attachment. Inside this archive is a .pif file (PE32 executable for MS
> which is detected as Win32.Worm.Mytob.EF.
> This doesn't look like a false positive.
And yet, it’s totally legit: the file in question is an eMail archive
of a mail containing such virus for other platform, in order to test
against it so that the Perl script in question doesn’t exhibit any
bugs wrt. that.
> I hope that the source packages would
> be sanitized from any actual malware samples.
It’s not Malware if you’re running Debian.