bug-gnu-pspp
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PSPP-BUG: Malware detected

From: Friedrich Beckmann
Subject: Re: PSPP-BUG: Malware detected
Date: Tue, 8 Mar 2022 10:08:02 +0100 
Hi Marcus,

i checked the sha256 file hash

1443eb5cee42db3789ced6133a02f1b16ef90e4ca2fcf50f70e92849e6fe9dba

of pspp-64bit-install.exe for version 1.5.3-g797d4c

on the cisco webseite against their database

https://talosintelligence.com/sha_searches

and the file is marked as malicious with a score of 2 out of 100 where 100 
means most malicious. There is a possibility to submit a „File Reputation 
Ticket“ for you as a customer of this product. My guess for the moment is that 
your protection software just makes a false classification based on rules which 
are not further explained. Maybe you could file such a ticket for your 
protection software.

Regards

Friedrich

> Am 07.03.2022 um 20:34 schrieb Marcus Klein <msklein@uol.com.br>:
> 
> John,
> thank you for your reply and guidance.
> I'm also exchanging e-mails with Frederick Beckmann and letting him aware of 
> the problem.
> As I needed a windows version of PSPP, I could find a clean package in Source 
> Forge.
> 
> thank you very much.
> Regards,
> Marcus Klein.
> 
> Marcus Klein
>  
>  
> 
> De: "John Darrington" <john@darrington.wattle.id.au>
> Enviada: 2022/03/07 09:42:07
> Para: msklein@uol.com.br
> Cc: bug-gnu-pspp@gnu.org
> Assunto: Re: PSPP-BUG: Malware detected
>  
> The url you gave is not a GNU url - all GNU urls are in the domain gnu.org
> The domain you mentioned belogs to the Augsburg university of applied 
> sciences,
> and I think the binaries there are kindly made available by Frederick 
> Beckmann.
> 
> I also find it a very bold claim that this binary contains malware. A bold
> claim for which you provide no evidence. I guess you need to contact
> Frederick and explain your reasons for believing that this allegation 
> including
> the nature of the malware which you are of the opinion is contained within
> this binary.
> 
> Of course, if you want to be absolutely sure that your software is free
> from malware, then you should download the source from ftp.gnu.org, perform a
> thorough audit of the source code, and build the software yourself using
> trusted tools.
> 
> Regards,
> 
> John
> 
> On Sat, Mar 05, 2022 at 06:21:09PM -0300, Marcus Klein wrote:
> Dear GNU,<br />
> 
> I downloaded the pspp-64bit-install.exe file from&nbsp;<a 
> href="https://caeis.etech.fh-augsburg.de/downloads/windows/1.5.3-g797d4c/pspp-64bit-install.exe";>https://caeis.etech.fh-augsburg.de/downloads/windows/1.5.3-g797d4c/pspp-64bit-install.exe</a><br
>  />
> and it has a malware with signature W32.649BEE42BD-95.SBX.TG.<br />
> Also f_003d6d (not sure if this is a file inside the install package) has the 
> same signature<br />
> <br />
> Could you please update the compilation and advise?<br />
> Thanks in advance.<br />
> <br />
> Marcus Klein
> _______________________________________________
> Bug-gnu-pspp mailing list
> Bug-gnu-pspp@gnu.org
> https://lists.gnu.org/mailman/listinfo/bug-gnu-pspp
>  _______________________________________________
> Bug-gnu-pspp mailing list
> Bug-gnu-pspp@gnu.org
> https://lists.gnu.org/mailman/listinfo/bug-gnu-pspp
reply via email to
[Prev in Thread] Current Thread [Next in Thread]