[Haskell-cafe] Bamse package virus false positive

Isaac Potoczny-Jones ijones at galois.com
Tue Mar 22 22:39:36 CET 2011

We have realized that a file in the Bamse distribution in Hackage is 
being flagged by some virus scanners as malicious, including Symantec 
and McAfee.

We have worked with Microsoft, Symantec, and McAfee to analyze the data. 
All parties have concluded that this file is not malicious, but we 
wanted to let the community know in case you run across a similar issue. 
We have notified the maintainer.

Symantec and McAfee have updated their rules accordingly and will no 
longer flag this file, but other virus scanners might continue to flag it.

Note that if you use Bamse to build MSI packages, inclusion of this file
could cause some scanners to flag the package. The details of this file 
are as follows:

File name: Folder.exe
File Size: 83249 byte
MD5: 9f939a06344af9b242a7b43849defb40
SHA1: a9faf0915d1ea142b161bec57792ef2ca379ce5b
URL: http://hackage.haskell.org/package/bamse

 From the package description: "Bamse is a framework for building 
Windows Installers for your Windows applications, giving you a 
comprehensive set of features to put together MSIs using Haskell."



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5880 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.haskell.org/pipermail/haskell-cafe/attachments/20110322/952fcc45/attachment.bin>

More information about the Haskell-Cafe mailing list