Closed Bug 504947 Opened 15 years ago Closed 14 years ago

Some Virus Scans report Trojan horse in 485217.xsl

Categories

(Core :: XSLT, defect)

Product:
Core
Component:
XSLT
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
status1.9.2 --- .7-fixed
status1.9.1 --- .11-fixed

People

(Reporter: WeirdAl, Assigned: Callek)

References

Details

Attachments

(1 file)

Patch as pushed
654 bytes, patch
dveditz
: approval1.9.2.7+
dveditz
: approval1.9.1.11+
Details | Diff | Splinter Review
I've had a lot of trouble with hg clone in trying to get mozilla-1.9.1, mozilla-central code checked out. Norton and Symantec antivirus products claim 485217.xsl is a Trojan horse. I don't necessarily agree with that assessment, nor do I agree this is Mozilla's bug. I'm filing it anyway, as UNCO, for tracking. Please feel free to reassign, investigate, fix or mark INVALID as you see fit.
Um, yeah, probably invalid. Did you contact them about a false positive? They will usually update their definitions pretty quickly if they get some confirmed false positive reports.
I tried to via their Help & Support chat system, but I don't think that was the right route to go. I'd appreciate any pointers on where to go.
Well https://www-secure.symantec.com/norton/support/contact/email/email_form.jsp may help, but did the chat yield anything? I am trying to track some stuff down now.
Thanks for the false positive link: False Positive Submission CONFIRMATION Your submission has been sent Sat Jul 18 16:03:32 2009 To make another submission, click on False Positive Form Sincerely, Symantec Security Response
well, for now, INVALID.
OS: Windows XP → All
Hardware: x86 → All
Version: unspecified → Trunk
Time to close this bug?
I was also frequently getting this error with TrendMicro. After consulting with mrbkap on IRC was able to come up with a fix for my use. Axel if you still have the antivirus you used to report this can you please re-test with m-c and let us know if this fixes it? Pushed As: http://hg.mozilla.org/mozilla-central/rev/771e928c4a16
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Summary: Norton / Symantec report Trojan horse in 485217.xsl → Some Virus Scans report Trojan horse in 485217.xsl
Attached patch Patch as pushedSplinter Review
Requesting approval for 1.9.2 and 1.9.1; This is very very low risk and ensures that developer's virus scans don't mess up the Hg Repo unannounced.
Assignee: nobody → bugspam.Callek
Attachment #443987 - Flags: approval1.9.2.5?
Attachment #443987 - Flags: approval1.9.1.11?
Ah so Symantec is basing there anti-virus detection on the name you use for a function? Really? QWe need to out them. They need to do a better job of real detection than this.
(In reply to comment #10) > Ah so Symantec is basing there anti-virus detection on the name you use for a > function? Really? QWe need to out them. They need to do a better job of real > detection than this. For the record I only tested with TrendMicro, but I suspect this is the same issue. It is also why I asked Alex to verify if this fixes with the other scanners.
Oh, oops. I saw "Axel" in comment 8 and thought you meant someone else, a la Pike. :) No, I've since upgraded software, so I can't really retest this.
Attachment #443987 - Flags: approval1.9.2.5?
Attachment #443987 - Flags: approval1.9.2.5+
Attachment #443987 - Flags: approval1.9.1.11?
Attachment #443987 - Flags: approval1.9.1.11+
Comment on attachment 443987 [details] [diff] [review] Patch as pushed Approved for 1.9.2.5 and 1.9.1.11, a=dveditz
Keywords: checkin-needed
Whiteboard: [c-n 1.9.1 and 1.9.2]
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/d098cf026cfc
status1.9.2: --- → .6-fixed
Whiteboard: [c-n 1.9.1 and 1.9.2] → [c-n 1.9.1]
Attachment #443987 - Flags: approval1.9.2.5+ → approval1.9.2.6+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: