>>> same
> > >> lack of proper FP testing as the other TIFF signature, likely for
> > >> the
> > same
> > >> reasons. After some time reviewing it, I agree that
> > >> BC.Img.Exploit.CVE_2017_11255-6335669-1 should be dropped. This
> > bytecode
> &
; >> Reworking the signature would is probably not worth the effort
> considering
> >> the CVE is from 2017.
> >>>
> >>> It should be dropped in the update tomorrow morning.
> >>>
> >>> Thanks for reaching out Mark.
> >>>
, 2021 11:36 AM
>>>> To: ClamAV Development
>>>> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>>>>
>>>> Oh, sorry I misread your email. Needed more coffee. You were asking
>> about
>>>> a different signature: BC.Img.
gt; >
> > It should be dropped in the update tomorrow morning.
> >
> > Thanks for reaching out Mark.
> >
> > Regards,
> > Micah
> >
> >> -Original Message-
> >> From: clamav-devel On Behalf Of
> >> Micah Snyder (micasnyd)
&
Of
>> Micah Snyder (micasnyd)
>> Sent: Monday, February 15, 2021 11:36 AM
>> To: ClamAV Development
>> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>>
>> Oh, sorry I misread your email. Needed more coffee. You were asking about
>> a different
ching out Mark.
Regards,
Micah
> -Original Message-
> From: clamav-devel On Behalf Of
> Micah Snyder (micasnyd)
> Sent: Monday, February 15, 2021 11:36 AM
> To: ClamAV Development
> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>
> Oh, sorry I mis
, 2021 10:28 AM
> To: ClamAV Development
> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>
> Hi Mark,
>
> TL;DR: The type detection mismatch is fixed in the current daily + 0.103.1.
> The issue was with the signature. We didn't know about it because of the
> From: clamav-devel On Behalf Of
> Mark Allan
> Sent: Saturday, February 13, 2021 3:35 PM
> To: ClamAV Development
> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>
> Thanks. I've just found another one too
>
> BC.Img.Exploit.CVE_2017_11255-6
h override the internal ones when
> loaded).
>
> I'll ask to have the signature dropped and re-evaluated.
>
> -Micah
>
>> -Original Message-
>> From: clamav-devel On Behalf Of
>> Micah Snyder (micasnyd)
>> Sent: Thursday, February 11
February 11, 2021 8:27 PM
> To: ClamAV Development
> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>
> Thank you Mark! We'll take a look.
>
> -Micah
>
> > -Original Message-
> > From: clamav-devel On Behalf
> > Of Mark Allan
> &
Thank you Mark! We'll take a look.
-Micah
> -Original Message-
> From: clamav-devel On Behalf Of
> Mark Allan
> Sent: Thursday, February 11, 2021 3:54 PM
> To: ClamAV Development
> Subject: Re: [Clamav-devel] Issue with FP only on 0.103.1
>
> Hi Micah,
day, February 8, 2021 3:04 AM
>> To: ClamAV Development
>> Subject: [Clamav-devel] Issue with FP only on 0.103.1
>>
>> Hi all,
>>
>> It looks like the additional image file type support in 0.103.1 has
>> introduced
>> an issue with a particular
2021 3:04 AM
> To: ClamAV Development
> Subject: [Clamav-devel] Issue with FP only on 0.103.1
>
> Hi all,
>
> It looks like the additional image file type support in 0.103.1 has introduced
> an issue with a particular signature which has been in the database since 2018
>
&g
Hi all,
It looks like the additional image file type support in 0.103.1 has introduced
an issue with a particular signature which has been in the database since 2018
Img.Exploit.CVE_2018_4904-6449838-0
It's flagging up thousands of known-good files. As far as I can tell, they're
all TI
14 matches
Mail list logo
