[clamav-users] handling multiple hits on CVE-2015-7645?
Al Varnell
alvarnell at mac.com
Sun Nov 22 21:28:06 UTC 2015
On Sun, Nov 22, 2015 at 04:51 AM, Orrick, Diana wrote:
>
> Hello,
>
> I haven't has any response to filing a number of False Positive reports, should I have?
Have you joined the clamav-virusdb mailing-list? You won’t be notified unless you do.
> I do appreciate the limits of the support folks, really. Just trying to understand
> how FP are handled and what the expectations should be.
>
> We've had another round of scans and the same servers,
> same files are flagged by ClamAV (only) again for Swf.Exploit.CVE_2015_7645.
> These are showing up on Linux servers that do not have the flash rpm referenced in the CVE.
>
> I've looked through the archives and the admin manual for some reference to
> creating a 'local whitelist record' but don't find much. Would someone point
> me to the terms I should search on for the whitelist creation process, please?
>
> Thanks for your assistance.
-Al-
--
Al Varnell
Mountain View, CA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2366 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20151122/adc0428a/attachment.bin>
More information about the clamav-users
mailing list