-
|
when i downloaded it i got warned for a trojan and so i scanned it and found "Not-a-virus.ZipBomb," " |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi @wolfycom4, it sounds like you downloaded the wrong thing. If you instead download the source code, there is indeed a zip bomb in the data for CKAN's testing suite, which we use to ensure that CKAN is not vulnerable to such an attack. This file is not included in the application builds that are provided to users. See #4501 for a previous discussion of this. |
Beta Was this translation helpful? Give feedback.
Hi @wolfycom4, it sounds like you downloaded the wrong thing.
You should download one of the compiled assets from the release, which are scanned for malware and then signed:
If you instead download the source code, there is indeed a zip bomb in the data for CKAN's testing suite, which we use to ensure that CKAN is not vulnerable to such an attack. This file is not included in the application builds that are provided to users.
See #4501 for a previous discussion of this.