[clamav-users] Still getting this:
Al Varnell
alvarnell at mac.com
Thu Nov 19 07:57:19 UTC 2015
I certainly agree with that.
As I said in the original thread on this issue, I rarely come to the list with FP issues unless they appear to be impacting many users and commercial or system files. I make sure they are being submitted to VT and ClamAV and call it a day.
When the first few alerts on cache files came in, I simply told users to delete them, but when those with alerts to Adobe and other 3rd party apps arrived, I elected to join the conversation, already in progress here.
-Al-
On Wed, Nov 18, 2015 at 11:39 PM, Dennis Peterson wrote:
>
> Well sure, and no doubt they will - I'm just reminding people they have a pre-emptive path, too. I get the feeling sometimes people are over-confident in what the limited Clamav staff can accomplish in terms of short turn-around.
>
> dp
>
> On 11/18/15 11:36 PM, Al Varnell wrote:
>> That’s what we did for ClamXav users, but given that it’s a cross-platform vulnerability, ClamAV needs to re-write or remove it, as well.
>>
>> -Al-
>>
>> On Wed, Nov 18, 2015 at 11:34 PM, Dennis Peterson wrote:
>>> Write a local whitelist record?
>>>
>>> dp
>>>
>>> On 11/18/15 11:32 PM, Al Varnell wrote:
>>>> I just submitted my FP to them 48 hours ago and have not received confirmation on it’s acceptance yet. Not terribly unusual, but given that it impacts Adobe apps, I did expect to have some feedback by now.
>>>>
>>>> -Al-
>>>>
>>>> On Wed, Nov 18, 2015 at 10:07 PM, Gene Heskett wrote:
>>>>> /home/gene/.cache/chromium/Default/Cache/f_000445:
>>>>> Swf.Exploit.CVE_2015_5548 FOUND
>>>>> /home/gene/.cache/chromium/Default/Cache/f_000031:
>>>>> Swf.Exploit.CVE_2015_5548 FOUND
>>>>> /home/gene/.cache/chromium/Default/Cache/f_000200:
>>>>> Swf.Exploit.CVE_2015_5548 FOUND
>>>>> /home/gene/.cache/chromium/Default/Cache/f_0001fb:
>>>>> Swf.Exploit.CVE_2015_5548 FOUND
>>>>> /home/gene/.cache/chromium/Default/Cache/f_000202:
>>>>> Swf.Exploit.CVE_2015_5548 FOUND
>>>>>
>>>>> A sudo freshclam says everything is up to date.
>>>>> gene at coyote:~$ sudo freshclam
>>>>> [sudo] password for gene:
>>>>> ClamAV update process started at Thu Nov 19 01:01:56 2015
>>>>> main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder:
>>>>> neo)
>>>>> daily.cld is up to date (version: 21069, sigs: 1691987, f-level: 63,
>>>>> builder: neo)
>>>>> bytecode.cld is up to date (version: 270, sigs: 46, f-level: 63, builder:
>>>>> shurley)
>>>>>
>>>>> Should this not be fixed by now, or is it real? Since its in the browser
>>>>> cache, I am just nuking them.
>>>>>
>>>>> Debian wheezy here, up to date as of about 2 hours ago.
>>>>>
>>>>> Cheers, Gene Heskett
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Help us build a comprehensive ClamAV guide:
>>>>> https://github.com/vrtadmin/clamav-faq
>>>>>
>>>>> http://www.clamav.net/contact.html#ml
>>> _______________________________________________
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml
>> -Al-
>>
>>
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2366 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20151118/d1df4d90/attachment.bin>
More information about the clamav-users
mailing list