Date: prev next · Thread: first prev next last
2016 Archives by date, by thread · List index


On 28.12.2015 22:06, Markus Mohrhard wrote:
Hey,

On Mon, Dec 28, 2015 at 9:57 PM, Regina Henschel
<rb.henschel@t-online.de <mailto:rb.henschel@t-online.de>> wrote:

    Hi all,

    I get a virus detection from scanner GData on the files
    crash-1.tiff and hang-7.tiff in filter\qa\cppunit\data\tiff\fail,
    both Exploit.CVE-2015-5097-Gen

    and a suspected virus on the file hang-3.wmf in
    vcl\qa\cppunit\graphicfilter\data\wmf\fail\ with
    Exploit.Win32.MS04-032.Gen


you can safely ignore these reports. Our */qa directories contain a
number of files that are detected by various virus scanners. The files
are there to prevent regressions with security issues.

it looks like the hang-*.tiff and hang-*.wmf are not encrypted.

the CVE-* files in the same directory are all encrypted with some dummy
password, so that virus scanners don't complain about them.

vcl/qa/cppunit/graphicfilter/data/README

i've taken the liberty to encrypt these now on master with
18b0343010517daa1eaf52a17ef19564076e1f3a, so you should only get virus
warnings when the tests are actually running (because the files will be
written unencrypted to temporary files), which can be avoided with
--disable-cve-tests.




Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.