I've had a lot of trouble with hg clone in trying to get mozilla-1.9.1, mozilla-central code checked out. Norton and Symantec antivirus products claim 485217.xsl is a Trojan horse.
I don't necessarily agree with that assessment, nor do I agree this is Mozilla's bug. I'm filing it anyway, as UNCO, for tracking. Please feel free to reassign, investigate, fix or mark INVALID as you see fit.
Um, yeah, probably invalid. Did you contact them about a false positive? They will usually update their definitions pretty quickly if they get some confirmed false positive reports.
I tried to via their Help & Support chat system, but I don't think that was the right route to go. I'd appreciate any pointers on where to go.
Well https://www-secure.symantec.com/norton/support/contact/email/email_form.jsp may help, but did the chat yield anything? I am trying to track some stuff down now.
Sorry for the spam, https://submit.symantec.com/false_positive/index.html.
Thanks for the false positive link:
False Positive Submission
Your submission has been sent Sat Jul 18 16:03:32 2009
To make another submission, click on False Positive Form
Symantec Security Response
well, for now, INVALID.
Time to close this bug?
I was also frequently getting this error with TrendMicro.
After consulting with mrbkap on IRC was able to come up with a fix for my use.
Axel if you still have the antivirus you used to report this can you please re-test with m-c and let us know if this fixes it?
Pushed As: http://hg.mozilla.org/mozilla-central/rev/771e928c4a16
Created attachment 443987 [details] [diff] [review]
Patch as pushed
Requesting approval for 1.9.2 and 1.9.1; This is very very low risk and ensures that developer's virus scans don't mess up the Hg Repo unannounced.
Ah so Symantec is basing there anti-virus detection on the name you use for a function? Really? QWe need to out them. They need to do a better job of real detection than this.
(In reply to comment #10)
> Ah so Symantec is basing there anti-virus detection on the name you use for a
> function? Really? QWe need to out them. They need to do a better job of real
> detection than this.
For the record I only tested with TrendMicro, but I suspect this is the same issue. It is also why I asked Alex to verify if this fixes with the other scanners.
Oh, oops. I saw "Axel" in comment 8 and thought you meant someone else, a la Pike. :)
No, I've since upgraded software, so I can't really retest this.
Comment on attachment 443987 [details] [diff] [review]
Patch as pushed
Approved for 220.127.116.11 and 18.104.22.168, a=dveditz