[...] > On 22.12.2016 18:37, vilca...@gmail.com wrote: > > Hi, just letting you know that Avira found some crypto-locker virus in > > ColibriOS iso that you featured in QEMU Advent Calendar 2016. Maybe you > > should look into that. I am not sure if it’s a false positive or not.. You > > can check the attachment for a screenshot of the result. > > That sounds ugly ...
That sounds super ugly indeed :-( > I think we just packaged the .iso from the official > KolibriOS website here (Kashyap, can you confirm?), Yes, I can confirm that I have downloaded the ISO from the official website -- it's a nightly build of their SVN revision 6766. These are local notes on preparing sources from the day I made the image (where the SVN revision was at 6766): ============ $ svn checkout svn://kolibrios.org -r 6766 $ svn log | head -5 ------------------------------------------------------------------------ r6766 | IgorA | 2016-11-26 23:57:24 +0100 (Sat, 26 Nov 2016) | 1 line fix bugs $ du -sh ../sources-kolibrios/ 1.4G ../sources-kolibrios/ $ du -sh .svn/ 662M .svn/ $ rm -rf .svn $ du -sh ../sources-kolibrios-rev-6766/ 691M ../sources-kolibrios-rev-6766/ $ tar -cJf sources-kolibrios-rev-6766.tar.xz sources-kolibrios-rev-6766/ $ du -sh sources-kolibrios-rev-6766.tar.xz 93M sources-kolibrios-rev-6766.tar.xz ============ > so if this is not > just a false positive, the problem very likely comes from there. Indeed. > If you've got some spare minutes, could you maybe check the download > from http://kolibrios.org/en/download , too? > > As far as I can see, there should not be any real danger here unless you > put the .iso file onto a real CD-ROM or USB stick and start the .exe > files in there (which is of course not necessary for starting a VM with > the .iso file). Yes, exactly, but still this incident is not nice to hear. > But anyway, this needs some closer investigation, to see > whether it's a false positive or not, so I've disabled that download for > now. We'll let you know when we know more ... Thanks for reporting the > issue! Yes, thanks for bringing it up. I'm afraid, I'm a little short on time, but will try to investigate later today. Regards, Kashyap
