[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: TortoiseSVN 1.7.10 released

From: Andy Levy <andy.levy_at_gmail.com>
Date: Fri, 12 Oct 2012 13:15:58 -0400

On Fri, Oct 12, 2012 at 12:08 PM, Rolf Campbell
<rolf.campbell_at_solacesystems.com> wrote:
> On 2012-10-09 14:27, Stefan Küng wrote:
> > We're proud to announce that TortoiseSVN 1.7.10 has been released.
> > It is linked against Subversion 1.7.7
>
> I get a warning from my corporate install of symantec endpoint
> protection about "TortoiseSVN-1.7.10.23359-x64-svn-1.7.7.msi".
>
> Signature: "WS.Reputation.1"
> Event: Security Risk Found!
>
> And then it deletes the file on me.
>
> I suspect this might be a false alarm (but can't know for sure), but you
> guys might want to know about it even if it is.

It is almost certainly a false alarm. This is a "dummy" virus
definition which is actually a placeholder for Symantec's engine. They
either don't have enough data about the file to know if it's safe or
not, or a number of people have reported it as dangerous.

IMHO, how that software handles such a thing is very misleading. It's
only a "risk" in that Symantec doesn't have enough data about it to
know whether it's a risk or not, and the warning should reflect that.

See http://www.symantec.com/security_response/writeup.jsp?docid=2010-051308-1854-99

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3020150

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2012-10-12 19:16:45 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.