Clam signature report
Chuck Talk
cwtalk1 at gmail.com
Sun Jan 3 16:49:23 UTC 2021
First post to the list, love the flatpak system, but keep getting what
'may' be a false positive in Clam AV:
/home/******/.local/share/flatpak/runtime/org.gnome.Platform/x86_64/3.38/42f0534709bc634acaeea04372985231d6c414ae811029b9381643e2ba78caf6/files/libe
+xec/installed-tests/gdk-pixbuf/test-images/gif-test-suite/max-width.gif:
BC.Gif.Exploit.Agent-1425366.Agent FOUND
/home/f******.local/share/flatpak/runtime/org.gnome.Platform/x86_64/3.36/3ce8cc7f830a724c91355b1dc94caed2a93be83c267eb21cde63e701b03b4dd8/files/libe
+xec/installed-tests/gdk-pixbuf/test-images/gif-test-suite/max-width.gif:
BC.Gif.Exploit.Agent-1425366.Agent FOUND
/home/******.local/share/flatpak/repo/objects/34/32b76db9f3df9ffb126a55624df56417c367c47d95e3f619585af51e448144.file:
+BC.Gif.Exploit.Agent-1425366.Agent FOUND
Seems that the max-width.gif file is shown in the scan as an exploit. Whn
checking at ClamTK on Gitlab, the knowledge is 'could be okay' but unsure.
OpenSuSE tumbleweed shows:
"A file tests/test-images/gif-test-suite/max-width.gif from the
test suite is correctly identified by clamav to be a malicious
BC.Gif.Exploit.Agent-1425366.Agent. This is an intentional part
of the test suite to ensure it has no negative side effects."
Confused as to whether this is a problem file, or just a false-positive?
Is this a known issue?
Sincerely,
Chuck
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/flatpak/attachments/20210103/da537233/attachment.htm>
More information about the Flatpak
mailing list