Re: [clamav-users] CVE_2021_4034-9951522 false positives on node executables

That's the only thing I can think of. I had node 18.6.0 and I'm running ClamAV 0.105.0. That detected the node binary as having the same virus. However, when I upload and scan the binary with VirusTotal, their install of ClamAV does not detect it. Similarly, after I upgraded to node 18.7.0, my loc

Re: [clamav-users] No daily sig since July 28th

On Mon, Aug 01, 2022 at 11:57 PM, G.W. Haywood via clamav-users wrote: > Al, the real reason for this post is that you mentioned the other day > that you'd also seen no viusdb mail for CVE CVE_2021_4034 although the > signature had appeared in the DB. The mail was sent on June 4th, the > sig was t

Re: [clamav-users] CVE_2021_4034-9951522 false positives on node executables

Hi Ged, > Am 01.08.2022 um 12:20 schrieb G.W. Haywood >: > > The signature database has the facility to whitelist falsely flagged > files using a digest. These are propagated with the 'daily' updates. > Are you sure that your signature database is up to date?

Re: [clamav-users] CVE_2021_4034-9951522 false positives on node executables

Hi, Is it possible that the infected file is only found in arm64 versions? When I go to https://nodejs.org/en/ , it prompts me to download files for x64. However, I am on an Apple Air M1 and I just verified that the installed node binary is an arm64 executable. Cheers,

Re: [clamav-users] No daily sig since July 28th

Hi all, There was a server outage in our primary datacenter on Friday that left the signature database build server's database in a bad state. Unfortunately, I'm told that it also impacted the service responsible for alerting us to the problem and so we didn't realize until yesterday morning.