So we’ve improved!!! LOL!
We added the quines in 1.22. Still on my phone and can’t dig in. I wonder
if the non compression hits are from tools that timed out on 1.23 but did
not timeout on 1.22.
Is there any way to tell which files are triggering the hits?
Thank you, Jens!!!
Cheers,
Tim
On Sat, Dec 7, 2019 at 10:20 AM Fossies Administrator <
[email protected]> wrote:
> Hi Tim,
>
> > Thank you for the note. We added two compression quines to the unit
> > tests, and that looks like what several of the engines are triggering on.
> > I’m on my phone now and can’t easily figure out if VirusTotal points to
> > specific files. Without that info, I can’t explain
> Riskware.Win32.Patcher.oltzn
> > or PATH_SLIP.
> >
> > The latter also was found in 1.21. I’ll take a look early next week.
> >
> > I find it eye-opening that the quines didn’t set off _more_ AV engines!🤣
>
> A completion: Since for unknown reasons Fossies hasn't detected the
> release of tika version 1.22 on Fossies no VirusTotal check was made. So I
> have now made up for it manually with a a little bit surprising result
> (even 14 of 56 matching engines)
>
> Tika 1.21 (2 of 52) 1.22 (14 of 56) 1.23 (7
> of 52)
> ########### ################### #################################
> ############################
> Cyren PATH_SLIP PATH_SLIP PATH_SLIP
> Zoner Probably RTFBinData
> Alibaba TrojanArcBomb:GZip/Agent.836c5791
> Symantec Trojan.Gen.NPE
> ESET-NOD32 Archbomb.ZIP
> Archbomb.ZIP
> Kaspersky Trojan-ArcBomb.GZip.Agent.e
> Trojan-ArcBomb.GZip.Agent.e
> NANO-Antiv. Riskware.Win32.Patcher.oltzn
> Riskware.Win32.Patcher.oltzn
> AegisLab Trojan.GZip.Agent.61c
> Sophos Troj/ZipB-A
> Troj/ZipB-A
> Comodo Malware@#3vccmnmqk3bh6
> SentinelOne DFI - Malicious Archive DFI -
> Malicious Archive
> Fortinet Riskware/GZunlimited
> ZoneAlarm Trojan-ArcBomb.GZip.Agent.e
> Trojan-ArcBomb.GZip.Agent.e
> Ikarus Trojan-Downloader.PS.Agent
> Qihoo-360 Win32/Trojan.BO.316
>
> For tika 1.21 I repeated the check because the signatures could be updated
> in the meantime. But still 2 matches (now of 52 instead of 45 engines).
>
> Regards
>
> Jens
>
> > On Fri, Dec 6, 2019 at 5:36 PM Fossies Administrator <
> > [email protected]> wrote:
> >
> >> Hi,
> >>
> >> just as information: As for all offered software packages the FOSS
> server
> >> fossies.org forced also for the just released tika-1.23-src.zip
> archive a
> >> malware check by the VirusTotal site, see the line "VirusTotal check" at
> >> the top of the page
> >>
> >> https://fossies.org/linux/misc/tika-1.23-src.zip/
> >>
> >> You may click on the results to see the detailed report on
> >> https://www.virustotal.com.
> >>
> >> Unfortunately 7 of 52 scanning engines found a match for
> tika-1.23-src.zip.
> >>
> >> Hopefully that are all False positives related to the nature of Tika but
> >> at least for tika-1.21-src.zip "only" 2 of 45 engines have found a
> match,
> >> see
> >>
> >> https://fossies.org/linux/misc/legacy/tika-1.21-src.zip/
> >>
> >> Regards
> >>
> >> Jens
> >>
> >> --
> >> FOSSIES - The Fresh Open Source Software archive
> >> mainly for Internet, Engineering and Science
> >> https://fossies.org/
