The offending signature has been pulled as of daily: 21070, published on Nov 18.
- Alain On Thu, Nov 19, 2015 at 2:57 AM, Al Varnell <alvarn...@mac.com> wrote: > I certainly agree with that. > > As I said in the original thread on this issue, I rarely come to the list > with FP issues unless they appear to be impacting many users and commercial > or system files. I make sure they are being submitted to VT and ClamAV and > call it a day. > > When the first few alerts on cache files came in, I simply told users to > delete them, but when those with alerts to Adobe and other 3rd party apps > arrived, I elected to join the conversation, already in progress here. > > -Al- > > On Wed, Nov 18, 2015 at 11:39 PM, Dennis Peterson wrote: > > > > Well sure, and no doubt they will - I'm just reminding people they have > a pre-emptive path, too. I get the feeling sometimes people are > over-confident in what the limited Clamav staff can accomplish in terms of > short turn-around. > > > > dp > > > > On 11/18/15 11:36 PM, Al Varnell wrote: > >> That’s what we did for ClamXav users, but given that it’s a > cross-platform vulnerability, ClamAV needs to re-write or remove it, as > well. > >> > >> -Al- > >> > >> On Wed, Nov 18, 2015 at 11:34 PM, Dennis Peterson wrote: > >>> Write a local whitelist record? > >>> > >>> dp > >>> > >>> On 11/18/15 11:32 PM, Al Varnell wrote: > >>>> I just submitted my FP to them 48 hours ago and have not received > confirmation on it’s acceptance yet. Not terribly unusual, but given that > it impacts Adobe apps, I did expect to have some feedback by now. > >>>> > >>>> -Al- > >>>> > >>>> On Wed, Nov 18, 2015 at 10:07 PM, Gene Heskett wrote: > >>>>> /home/gene/.cache/chromium/Default/Cache/f_000445: > >>>>> Swf.Exploit.CVE_2015_5548 FOUND > >>>>> /home/gene/.cache/chromium/Default/Cache/f_000031: > >>>>> Swf.Exploit.CVE_2015_5548 FOUND > >>>>> /home/gene/.cache/chromium/Default/Cache/f_000200: > >>>>> Swf.Exploit.CVE_2015_5548 FOUND > >>>>> /home/gene/.cache/chromium/Default/Cache/f_0001fb: > >>>>> Swf.Exploit.CVE_2015_5548 FOUND > >>>>> /home/gene/.cache/chromium/Default/Cache/f_000202: > >>>>> Swf.Exploit.CVE_2015_5548 FOUND > >>>>> > >>>>> A sudo freshclam says everything is up to date. > >>>>> gene@coyote:~$ sudo freshclam > >>>>> [sudo] password for gene: > >>>>> ClamAV update process started at Thu Nov 19 01:01:56 2015 > >>>>> main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, > builder: > >>>>> neo) > >>>>> daily.cld is up to date (version: 21069, sigs: 1691987, f-level: 63, > >>>>> builder: neo) > >>>>> bytecode.cld is up to date (version: 270, sigs: 46, f-level: 63, > builder: > >>>>> shurley) > >>>>> > >>>>> Should this not be fixed by now, or is it real? Since its in the > browser > >>>>> cache, I am just nuking them. > >>>>> > >>>>> Debian wheezy here, up to date as of about 2 hours ago. > >>>>> > >>>>> Cheers, Gene Heskett > >>>>> > >>>>> > >>>>> _______________________________________________ > >>>>> Help us build a comprehensive ClamAV guide: > >>>>> https://github.com/vrtadmin/clamav-faq > >>>>> > >>>>> http://www.clamav.net/contact.html#ml > >>> _______________________________________________ > >>> Help us build a comprehensive ClamAV guide: > >>> https://github.com/vrtadmin/clamav-faq > >>> > >>> http://www.clamav.net/contact.html#ml > >> -Al- > >> > >> > >> _______________________________________________ > >> Help us build a comprehensive ClamAV guide: > >> https://github.com/vrtadmin/clamav-faq > >> > >> http://www.clamav.net/contact.html#ml > > > > _______________________________________________ > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > -Al- > -- > Al Varnell > Mountain View, CA > > > > > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
