[clamav-users] Cannot ignore BC.Gif.Exploit.Agent-1425366.Agent
Orion Poplawski
orion at nwra.com
Wed Jul 21 19:35:08 UTC 2021
Looks like "BC.Gif.Exploit-1425366" finally did the trick. Thanks. Is this
kind of thing documented anywhere?
On 7/21/21 12:33 PM, eric-list at truenet.com wrote:
> Orion,
>
> Did you keep .Agent at the end of the whitelist?
> It should just be BC.Gif.Exploit.Agent-1425366.
>
> I scanned the tar balls at gnome.org and didn't find anything though, but maybe you got it from somewhere else.
>
> Sincerely,
>
> Eric Tykwinski
> TrueNet, Inc.
> P: 610-429-8300
>
> -----Original Message-----
> From: clamav-users <clamav-users-bounces at lists.clamav.net> On Behalf Of Orion Poplawski via clamav-users
> Sent: Wednesday, July 21, 2021 1:48 PM
> To: ClamAV users ML <clamav-users at lists.clamav.net>
> Cc: Orion Poplawski <orion at nwra.com>
> Subject: [clamav-users] Cannot ignore BC.Gif.Exploit.Agent-1425366.Agent
>
> clamav is reporting BC.Gif.Exploit.Agent-1425366.Agent for a gif inside of the
> gdk-pixbuf2 tarball. I've tried adding it do our local whitelist.ign2 file, but that doesn't appear to take effect. Any way to ignore this definition?
>
> Thanks,
> Orion
>
> --
> Orion Poplawski
> IT Systems Manager 720-772-5637
> NWRA, Boulder/CoRA Office FAX: 303-415-9702
> 3380 Mitchell Lane orion at nwra.com
> Boulder, CO 80301 https://www.nwra.com/
>
>
>
--
Orion Poplawski
IT Systems Manager 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 https://www.nwra.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3847 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20210721/50f884e9/attachment.bin>
More information about the clamav-users
mailing list