[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Virus in all svn and subclipse version for Windows

From: D.J. Heap <djheap_at_gmail.com>
Date: 2007-10-19 10:46:28 CEST

On 10/18/07, Jack Repenning <jrepenning@collab.net> wrote:
> On Oct 18, 2007, at 9:39 PM, Erik Huelsmann wrote:
> > On 10/18/07, Matthias Roth <matthias.roth@impart.ch> wrote:
> >>
> >> The Virus must be very new. I was going
> >> To the web site of my virus program provider:
> >> http://www.antiviruslab.com/description.php?virus=1285711&lang=gb
> >>
> >> The Info about the virus detection is:
> >> Detected since AVK version: AVK 17.9138, Date 10-18-2007
> >
> > In that case, isn't it a signature match, giving a false positive
> > viral alarm?

While only a fool is absolutely sure, it seems unlikely the zip on
tigris contains a virus.

My up-to-date SophosAV installs do not flag it, the machine where it
was created and packaged is a minimal but up-to-date WinXP installed
in a VM with no direct internet access (behind both Linux and Windows
firewalls), and it does not and never has received email, and it is
only powered on for a few days a year to patch and do release builds.

It also seems odd that only libapriconv.dll would be infected while
all the other dll's and exe's in the same directory are clean.

I would think tigris also scans uploaded files as seems to be pretty
common practice for hosting providers anymore, but I don't know that
they do.

If definitive proof (what is the virus behavior that could be watched
for?) is found, I would scratch and rebuild the VM and zips, of
course. But with two major AV vendors not flagging it and no other
reports whatsoever, I'm not inclined to spend time doing that just


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Oct 19 10:46:47 2007

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.