X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; q=dns; s=
	default; b=skcoNirgsJ2W4J71s/e4O5ob4AWDNGZSzGU0F0q3VAdKDV6QdXwnH
	IeXWGcI3LTBGwztRa8AwrwN60XZXTAAqjo9tW0IU3tAX28zQoApuq268JYRyd2fb
	2Iw2DqcyOXnK7OvbgyRvZ/fFUdlm1ncLosV8L5wMRIDSPejQ47ySJE=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; s=default;
	 bh=aj1Le3ZY39aD/k72kLyh2h3U18c=; b=F11AWov5sOnhf4Gdo6MHxh49HQz8
	Xvwjzjf1ScDxmAQsAMqzQF+TVQqGAvuyTgLvfGPqy79VNXpRUKAXfCarc+6RxH5O
	XBzeC2T7BGIp+ulblaIUonxWfQ/Iv9qyAUcnSB5qmHlAJCVg8nRNZKQFbgftF+EH
	W0cJC1mnf89+/ZM=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-4.1 required=5.0 tests=AWL,BAYES_50,FSL_HELO_BARE_IP_2,RCVD_IN_DNSWL_LOW,RCVD_NUMERIC_HELO,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS autolearn=no version=3.3.2
X-HELO: plane.gmane.org
To: cygwin AT cygwin DOT com
From: Achim Gratz <Stromeko AT NexGo DOT DE>
Subject: Re: Mcafee e'prise false positive on (x86) texlive-collection-fontsrecommended?
Date: Tue, 28 Jul 2015 08:51:51 +0000 (UTC)
Lines: 15
Message-ID: <loom.20150728T104943-144@post.gmane.org>
References: <55B7413D DOT 1040308 AT shaddybaddah DOT name>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
User-Agent: Loom/3.14 (http://gmane.org/)
X-IsSubscribed: yes

Shaddy Baddah <lithium-cygwin <at> shaddybaddah.name> writes:
> Is this a false positive on the part of the Virus Scanner? Or, as the
> package is dated from before the vulnerability report, does the package
> need an update?

My guess is that it's a false positive.  The scanner likely deletes all OTF
fonts not explicitly whitelisted since it'd be hard to figure out during
scan if the font triggers the bug (much less if it provides any malicious
behaviour).  Please report to McAfee.


Regards,
Achim.




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple