Note: There are a few cases of duplicates in user autocompletion which are being worked on.

Some Virus Scans report Trojan horse in 485217.xsl

RESOLVED FIXED

Status

()

Core
XSLT
RESOLVED FIXED
8 years ago
7 years ago

People

(Reporter: WeirdAl, Assigned: Callek)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(status1.9.2 .7-fixed, status1.9.1 .11-fixed)

Details

Attachments

(1 attachment)

(Reporter)

Description

8 years ago
I've had a lot of trouble with hg clone in trying to get mozilla-1.9.1, mozilla-central code checked out.  Norton and Symantec antivirus products claim 485217.xsl is a Trojan horse.

I don't necessarily agree with that assessment, nor do I agree this is Mozilla's bug.  I'm filing it anyway, as UNCO, for tracking.  Please feel free to reassign, investigate, fix or mark INVALID as you see fit.
Um, yeah, probably invalid. Did you contact them about a false positive? They will usually update their definitions pretty quickly if they get some confirmed false positive reports.
(Reporter)

Comment 2

8 years ago
I tried to via their Help & Support chat system, but I don't think that was the right route to go.  I'd appreciate any pointers on where to go.
Well https://www-secure.symantec.com/norton/support/contact/email/email_form.jsp may help, but did the chat yield anything? I am trying to track some stuff down now.
Sorry for the spam, https://submit.symantec.com/false_positive/index.html.
(Reporter)

Comment 5

8 years ago
Thanks for the false positive link:

False Positive Submission

CONFIRMATION
Your submission has been sent Sat Jul 18 16:03:32 2009

To make another submission, click on False Positive Form

Sincerely,
Symantec Security Response
well, for now, INVALID.
OS: Windows XP → All
Hardware: x86 → All
Version: unspecified → Trunk

Comment 7

8 years ago
Time to close this bug?
(Assignee)

Comment 8

7 years ago
I was also frequently getting this error with TrendMicro.

After consulting with mrbkap on IRC was able to come up with a fix for my use.

Axel if you still have the antivirus you used to report this can you please re-test with m-c and let us know if this fixes it?

Pushed As: http://hg.mozilla.org/mozilla-central/rev/771e928c4a16
Status: UNCONFIRMED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Summary: Norton / Symantec report Trojan horse in 485217.xsl → Some Virus Scans report Trojan horse in 485217.xsl
(Assignee)

Comment 9

7 years ago
Created attachment 443987 [details] [diff] [review]
Patch as pushed

Requesting approval for 1.9.2 and 1.9.1; This is very very low risk and ensures that developer's virus scans don't mess up the Hg Repo unannounced.
Assignee: nobody → bugspam.Callek
Attachment #443987 - Flags: approval1.9.2.5?
Attachment #443987 - Flags: approval1.9.1.11?
Ah so Symantec is basing there anti-virus detection on the name you use for a function?  Really?  QWe need to out them.  They need to do a better job of real detection than this.
(Assignee)

Comment 11

7 years ago
(In reply to comment #10)
> Ah so Symantec is basing there anti-virus detection on the name you use for a
> function?  Really?  QWe need to out them.  They need to do a better job of real
> detection than this.

For the record I only tested with TrendMicro, but I suspect this is the same issue.  It is also why I asked Alex to verify if this fixes with the other scanners.
(Reporter)

Comment 12

7 years ago
Oh, oops.  I saw "Axel" in comment 8 and thought you meant someone else, a la Pike.  :)

No, I've since upgraded software, so I can't really retest this.
Attachment #443987 - Flags: approval1.9.2.5?
Attachment #443987 - Flags: approval1.9.2.5+
Attachment #443987 - Flags: approval1.9.1.11?
Attachment #443987 - Flags: approval1.9.1.11+
Comment on attachment 443987 [details] [diff] [review]
Patch as pushed

Approved for 1.9.2.5 and 1.9.1.11, a=dveditz
(Assignee)

Updated

7 years ago
Keywords: checkin-needed
Whiteboard: [c-n 1.9.1 and 1.9.2]
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/d098cf026cfc
status1.9.2: --- → .6-fixed
Whiteboard: [c-n 1.9.1 and 1.9.2] → [c-n 1.9.1]
(Assignee)

Comment 15

7 years ago
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/cfb571fbc5f5
status1.9.1: --- → .11-fixed
Keywords: checkin-needed
Whiteboard: [c-n 1.9.1]
Attachment #443987 - Flags: approval1.9.2.5+ → approval1.9.2.6+
You need to log in before you can comment on or make changes to this bug.