Looks like "BC.Gif.Exploit-1425366" finally did the trick. Thanks. Is this kind of thing documented anywhere?
On 7/21/21 12:33 PM, eric-l...@truenet.com wrote: > Orion, > > Did you keep .Agent at the end of the whitelist? > It should just be BC.Gif.Exploit.Agent-1425366. > > I scanned the tar balls at gnome.org and didn't find anything though, but > maybe you got it from somewhere else. > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > > -----Original Message----- > From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of Orion > Poplawski via clamav-users > Sent: Wednesday, July 21, 2021 1:48 PM > To: ClamAV users ML <clamav-users@lists.clamav.net> > Cc: Orion Poplawski <or...@nwra.com> > Subject: [clamav-users] Cannot ignore BC.Gif.Exploit.Agent-1425366.Agent > > clamav is reporting BC.Gif.Exploit.Agent-1425366.Agent for a gif inside of the > gdk-pixbuf2 tarball. I've tried adding it do our local whitelist.ign2 file, > but that doesn't appear to take effect. Any way to ignore this definition? > > Thanks, > Orion > > -- > Orion Poplawski > IT Systems Manager 720-772-5637 > NWRA, Boulder/CoRA Office FAX: 303-415-9702 > 3380 Mitchell Lane or...@nwra.com > Boulder, CO 80301 https://www.nwra.com/ > > > -- Orion Poplawski IT Systems Manager 720-772-5637 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane or...@nwra.com Boulder, CO 80301 https://www.nwra.com/
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
![Re: [clamav-users] Cannot ignore BC.Gif.Exploit.Agent-1425366.Agent](/search?l=clamav-users@lists.clamav.net&q=subject:%22Re%5C%3A+%5C%5Bclamav%5C-users%5C%5D+Cannot+ignore+BC.Gif.Exploit.Agent%5C-1425366.Agent%22&o=newest){kind=link}
