Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Perl source code archive perl-5.28.0.tar.gz triggers CVE2015-1592 alert in McAfee #280
The file dist/Storable/t/CVE-2015-1592.inc triggers a trojan alert in the McAfee scanner.
It would be helpful to report this false positive to McAfee so they can update their database.
Alternatively, the file could be obfuscated and re-assembled as part of the build, so that this process does not have to be repeated for every release.
The file triggers a pop-up on my computer:
Symantec Endpoint Protection Notification:
Scan type: Auto-Protect Scan
Thanks. I've forwarded this to perl5-security-report. https://perldoc.perl.org/perlsec.html#SECURITY-VULNERABILITY-CONTACT-INFORMATION