Clamscan found infected files in sources

English
#1

I am using Linux Fedora.

3 months ago I downloaded the sources for LO.
Today, after running CLamscan, These files were found:
/home/bengbers/Git/libreoffice/xmlsecurity/qa/unit/signing/data/hide-and-replace-shadow-file-signed-2.pdf: Pdf.Dropper.Agent-9164294-0 FOUND
/home/bengbers/Git/libreoffice/workdir/UnpackedTarball/pdfium/testing/resources/pixel/bug_867501.pdf: Pdf.Exploit.TALOS_2018_0639-6680787-0 FOUND
/home/bengbers/Git/libreoffice/external/tarballs/pdfium-6296.tar.bz2: Pdf.Exploit.TALOS_2018_0639-6680787-0 FOUND/home/bengbers/Git/libreoffice/emfio/qa/cppunit/emf/data/TestLinearGradient.emf: BC.Win.Exploit.CVE_2017_11244-6335400-6 FOUND
/home/bengbers/Git/libreoffice/emfio/qa/cppunit/emf/data/TestEmfPlusFillClosedCurve.emf: Win.Exploit.CVE_2017_11245-6335831-0 FOUND

Is this a real threat?

Ben

#2

Most likely ClamAV false positives, for example I uploaded workdir/UnpackedTarball/pdfium/testing/resources/pixel/bug_867501.pdf to VirusTotal and this is the result: VirusTotal, only ClamAV claimed a hit. You can repeat with the other files if you wish.

Impressum (Legal Info) | Datenschutzerklärung (Privacy Policy)   Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.