I also submitted an FP a few days ago. I'm not as much of a fan of whitelisting what could be a fairly serious exploit that i'd be allowing people to download if it were valid. Hopefully it will be fixed up soon. The documents i found it in are public, so if there is way to expedite the process, i'm happy to supply other information.
On Wed, Nov 23, 2016 at 10:27 AM, Hajo Locke <hajo.lo...@gmx.de> wrote: > Hello, > > Am 23.11.2016 um 16:10 schrieb Ralf Hildebrandt: > >> * Hajo Locke <hajo.lo...@gmx.de>: >> >>> Hello, >>> >>> unfortunately we have some problems with FP Pdf.Exploit.CVE_2016_1091-2 >>> Customer was testing at virustotal and only clamav is finding a virus. >>> Unfortunately i can not do a FP-Report. All PDFs are property of >>> costumers >>> and not public. >>> >> I already did a FP report. It happened with PDFs from "Springer >> Medical". had to diable that signature. >> > Thanks. In most cases the clam-team response is quick. Otherwise i would > also do a global whitelisting. > >> >> I hope there are some additional FP-Reports from other people regarding >>> this >>> virus to review this signature. >>> >> Yep. >> >> Thanks, > Hajo > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
