I certainly agree with that. As I said in the original thread on this issue, I rarely come to the list with FP issues unless they appear to be impacting many users and commercial or system files. I make sure they are being submitted to VT and ClamAV and call it a day.
When the first few alerts on cache files came in, I simply told users to delete them, but when those with alerts to Adobe and other 3rd party apps arrived, I elected to join the conversation, already in progress here. -Al- On Wed, Nov 18, 2015 at 11:39 PM, Dennis Peterson wrote: > > Well sure, and no doubt they will - I'm just reminding people they have a > pre-emptive path, too. I get the feeling sometimes people are over-confident > in what the limited Clamav staff can accomplish in terms of short turn-around. > > dp > > On 11/18/15 11:36 PM, Al Varnell wrote: >> That’s what we did for ClamXav users, but given that it’s a cross-platform >> vulnerability, ClamAV needs to re-write or remove it, as well. >> >> -Al- >> >> On Wed, Nov 18, 2015 at 11:34 PM, Dennis Peterson wrote: >>> Write a local whitelist record? >>> >>> dp >>> >>> On 11/18/15 11:32 PM, Al Varnell wrote: >>>> I just submitted my FP to them 48 hours ago and have not received >>>> confirmation on it’s acceptance yet. Not terribly unusual, but given that >>>> it impacts Adobe apps, I did expect to have some feedback by now. >>>> >>>> -Al- >>>> >>>> On Wed, Nov 18, 2015 at 10:07 PM, Gene Heskett wrote: >>>>> /home/gene/.cache/chromium/Default/Cache/f_000445: >>>>> Swf.Exploit.CVE_2015_5548 FOUND >>>>> /home/gene/.cache/chromium/Default/Cache/f_000031: >>>>> Swf.Exploit.CVE_2015_5548 FOUND >>>>> /home/gene/.cache/chromium/Default/Cache/f_000200: >>>>> Swf.Exploit.CVE_2015_5548 FOUND >>>>> /home/gene/.cache/chromium/Default/Cache/f_0001fb: >>>>> Swf.Exploit.CVE_2015_5548 FOUND >>>>> /home/gene/.cache/chromium/Default/Cache/f_000202: >>>>> Swf.Exploit.CVE_2015_5548 FOUND >>>>> >>>>> A sudo freshclam says everything is up to date. >>>>> gene@coyote:~$ sudo freshclam >>>>> [sudo] password for gene: >>>>> ClamAV update process started at Thu Nov 19 01:01:56 2015 >>>>> main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: >>>>> neo) >>>>> daily.cld is up to date (version: 21069, sigs: 1691987, f-level: 63, >>>>> builder: neo) >>>>> bytecode.cld is up to date (version: 270, sigs: 46, f-level: 63, builder: >>>>> shurley) >>>>> >>>>> Should this not be fixed by now, or is it real? Since its in the browser >>>>> cache, I am just nuking them. >>>>> >>>>> Debian wheezy here, up to date as of about 2 hours ago. >>>>> >>>>> Cheers, Gene Heskett >>>>> >>>>> >>>>> _______________________________________________ >>>>> Help us build a comprehensive ClamAV guide: >>>>> https://github.com/vrtadmin/clamav-faq >>>>> >>>>> http://www.clamav.net/contact.html#ml >>> _______________________________________________ >>> Help us build a comprehensive ClamAV guide: >>> https://github.com/vrtadmin/clamav-faq >>> >>> http://www.clamav.net/contact.html#ml >> -Al- >> >> >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml -Al- -- Al Varnell Mountain View, CA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
