[clamav-users] handling multiple hits on CVE-2015-7645?
Orrick, Diana
orrick at fsu.edu
Sun Nov 22 12:51:06 UTC 2015
Hello,
I haven't has any response to filing a number of False Positive reports,
should I have?
I do appreciate the limits of the support folks, really. Just trying to
understand
how FP are handled and what the expectations should be.
We've had another round of scans and the same servers,
same files are flagged by ClamAV (only) again for Swf.Exploit.CVE_2015_7645.
These are showing up on Linux servers that do not have the flash rpm
referenced in the CVE.
I've looked through the archives and the admin manual for some reference to
creating a 'local whitelist record' but don't find much. Would someone
point
me to the terms I should search on for the whitelist creation process,
please?
Thanks for your assistance.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diana Mayer Orrick
Florida State University
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the clamav-users
mailing list