Source: libmail-deliverystatus-bounceparser-perl
Version: 1.531-1
Severity: serious
X-Debbugs-CC: Ricardo Signes <r...@cpan.org>
Control: forwarded -1 Ricardo Signes <r...@cpan.org>
Control: found -1 1.536-1
Control: found -1 1.542-1
User: debian-ad...@lists.debian.org
Usertags: needed-by-DSA-Team

The Mail::DeliveryStatus::BounceParser source contains a live virus and
some real spam/phishing mails. This is leading to Netcraft and other
virus detection systems on the Internet reporting Debian mirrors as
malicious, which potentially reduces the reputation of debian.org on
various anti-spam and anti-malware services.

Please fix this in upstream git, with a new release on CPAN and in all
Debian suites.

https://incident.netcraft.com/w/b0d11ab53944/
https://incident.netcraft.com/w/ffb6f95e5301/

To fix this you will need to strip the account-password.zip attachment
from t/corpus/virus-caused-multiple-weird-reports.msg and if possible
strip the phishing/spam content from the other files, while ensuring
that the tests still pass despite changes to the corpus but that the
new files in the corpus do not trip any anti-virus checkers:

https://www.virustotal.com/

$ clamdscan --fdpass --infected | sed "s|`pwd`/||"
t/corpus/virus-caused-multiple-weird-reports.msg: Win.Worm.Mytob-331 FOUND
t/corpus/spam-with-badly-parsed-email.msg: Sanesecurity.Phishing.Ivt.6456.UNOFFICIAL FOUND
t/corpus/spam-lots-of-bogus-addresses.msg: Sanesecurity.Spam.8684.UNOFFICIAL FOUND

----------- SCAN SUMMARY -----------
Infected files: 3
Time: 0.087 sec (0 m 0 s)

-- 
bye,
pabs

https://wiki.debian.org/PaulWise
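
One way to do the attachment stripping the report asks for, as an added example (not code from the report or from Mail::DeliveryStatus::BounceParser). It uses Python's standard email package rather than the module's Perl and runs on a constructed sample message; the placeholder text and the choice to keep the part's headers while replacing only its payload are assumptions.

```python
import base64
from email import message_from_bytes, policy

PLACEHOLDER = "[attachment removed from test corpus]"  # assumed wording


def strip_attachment(raw: bytes, filename: str) -> tuple[bytes, int]:
    """Blank the payload of every MIME part named `filename`; return (message, count)."""
    # compat32 keeps untouched headers and boundaries as they were parsed.
    msg = message_from_bytes(raw, policy=policy.compat32)
    replaced = 0
    for part in msg.walk():  # walk() also descends into message/rfc822 parts
        if part.is_multipart() or part.get_filename() != filename:
            continue
        # Keep Content-Type and filename so the MIME structure is unchanged
        # (an assumption about what the tests need); drop only the bytes.
        del part["Content-Transfer-Encoding"]  # no error if the header is absent
        part["Content-Transfer-Encoding"] = "7bit"
        part.set_payload(PLACEHOLDER)
        replaced += 1
    return msg.as_bytes(), replaced


# Constructed sample: a two-part message whose attachment is harmless filler.
FILLER = base64.b64encode(b"constructed filler, not a real archive").decode()
SAMPLE = (
    "From: mailer-daemon@example.org\n"
    "Subject: constructed sample\n"
    "MIME-Version: 1.0\n"
    'Content-Type: multipart/mixed; boundary="b1"\n'
    "\n"
    "--b1\n"
    "Content-Type: text/plain\n"
    "\n"
    "Delivery report text stays intact.\n"
    "--b1\n"
    'Content-Type: application/zip; name="account-password.zip"\n'
    "Content-Transfer-Encoding: base64\n"
    'Content-Disposition: attachment; filename="account-password.zip"\n'
    "\n"
    f"{FILLER}\n"
    "--b1--\n"
).encode()

if __name__ == "__main__":
    cleaned, count = strip_attachment(SAMPLE, "account-password.zip")
    print(f"replaced {count} part(s)")
    print(cleaned.decode())
```

After rewriting a corpus file this way, rerun the module's tests and the clamdscan check shown in the report to confirm both come back clean.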