From owner-freebsd-ports@FreeBSD.ORG Tue Jul 23 22:24:59 2013 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id C9AD87E2; Tue, 23 Jul 2013 22:24:59 +0000 (UTC) (envelope-from linuxsecuritymrusli@gmail.com) Received: from mail-oa0-x231.google.com (mail-oa0-x231.google.com [IPv6:2607:f8b0:4003:c02::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 88DD72939; Tue, 23 Jul 2013 22:24:59 +0000 (UTC) Received: by mail-oa0-f49.google.com with SMTP id n12so7883794oag.22 for ; Tue, 23 Jul 2013 15:24:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=3NS7PESEsFQFEo8d2na3Hk2ypJYpb3o5gPpcvtELaQs=; b=HTc3k38i01dppGhMatUjCZabXCm/zmQazJHoKUieH87bYyjHJmOYvWc6MKhRlgBt3I 6gHBwgeF/FLnSvtopjd/+qgqTlcrDcUO5Ya3Gph1JVwUbKxas4iOOyZAeohLBTYeapEQ UkCA6Mon36fp3ojKOcAlMKlaYs5tIzwYCdXCrFt592gOoEkOdVZGsW5t8W576gGTwj1l C39LChy5aASsmImH3Tq8GHN5tdJgU6HVX/PNZ/Jtkfh5D1I9mIi4IOZKe0G2awluTDxR B+zTPM1upc8cxsWy4DcB6GpX/frsKDqKgJ3wGhFjctD6fFjUrb3fIte8EgqsboJHxxsH ruHw== MIME-Version: 1.0 X-Received: by 10.50.103.105 with SMTP id fv9mr100599igb.3.1374618298007; Tue, 23 Jul 2013 15:24:58 -0700 (PDT) Received: by 10.64.19.176 with HTTP; Tue, 23 Jul 2013 15:24:57 -0700 (PDT) In-Reply-To: References: <51876AB2.50905@sourcefire.com> <5189238D.7020509@sourcefire.com> Date: Wed, 24 Jul 2013 06:24:57 +0800 Message-ID: Subject: Fwd: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus From: M Rusli To: ports@freebsd.org, gnome@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jul 2013 22:24:59 -0000 Hi Please take note of the issues. Thank you. ---------- Forwarded message ---------- From: M Rusli Date: Wed, May 8, 2013 at 12:54 AM Subject: Fwd: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus To: Dave M ---------- Forwarded message ---------- From: Tom Judge Date: Tue, May 7, 2013 at 11:53 PM Subject: Re: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus To: M Rusli Rusli, This signature will be dropped in the next couple of days due to high alert rate. Please be aware that all PUA signatures are advisory (Potentially unwanted application) rather than real alerts for malware. And as such they may alert on legitimate applications/files that you do want but others may not. Tom On 5/6/13 5:10 PM, M Rusli wrote: > Okay, > > This is from pcbsd 9.1. Is PUA is turn on clamtk detects as virus. If > it is turn off it did not. > > It's from Python 2.7 site packages. > > Attach is the file. > > It can be a false alarm with PUA turn on. > > By the way Dave, > > Please take note from Auscert. > > *ASB-2013.0061 - [UNIX/Linux] ClamAV: Reduced security - > Unknown/unspecified* - > A number of vulnerabilities have been identified in ClamAV prior to > version 0.97.8. (30/04/2013) > > Thanks! > > > On Mon, May 6, 2013 at 4:32 PM, Tom Judge > wrote: > > Hi Rusli, > > I have sent this information over to the ClamAV detection team, to > validate that the signature is correct. Could you please send me a > copy of the file off list? > > > Thanks > > Tom Judge > >