www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Murphy (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (INFRA-12508) I want to report that your latest distibution contains a Trojan
Date Fri, 26 Aug 2016 20:02:20 GMT

    [ https://issues.apache.org/jira/browse/INFRA-12508?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15439706#comment-15439706
] 

Robert Murphy commented on INFRA-12508:
---------------------------------------

I Sebb,

I used the utility HashCalc, which gave back the same hashes as you posted below for the Windows
Installer download.

I updated MSE and I suppose that I’ll run the installer again and see if it traps it again.




From: Sebb [mailto:jira@apache.org]
Sent: Friday, August 26, 2016 2:47 PM
To: Murphy, Robert
Subject: [jira] [Apache Infrastructure] I want to report that your latest distibution contains
a Trojan

New comment for the request "I want to report that your latest distibution contains a Trojan"
with key INFRA-12508 has been added...
Apache Infrastructure - Something else... <https://issues.apache.org/jira/servicedesk/customer/portal/1>

Reference: INFRA-12508<https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>


I want to report that your latest distibution contains a Trojan<https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>
Waiting for Infra

Sebb
Today 19:45
There are various tools for calculating hashes.

I have used http://implbits.com/products/hashtab/ successfully in the past.

Note: I tried downloading from http://www.groovy-lang.org/download.html
The default download is called apache-groovy-sdk-2.4.7.zip which is different from what you
reported

However there is also a Windows Installer download which is https://dl.bintray.com/groovy/Distributions/groovy-2.4.7-installer.exe
This was the same size, i.e. 52,613,519 bytes
I get the following hashes:
MD5 5278DB2AB0F0D1D45317CE1B7D76F61D
SHA1 C65A3E9C2FD68356DB858643C092D12C4A700092

I tried scanning it with an uptodate version of MS Essentials - no problems reported
I then ran the installer and checked the directory structure - again no problem


You can view the full request<https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>

Previous activity
Robert Murphy
Today 19:28
How do you want me to obtain the hash of the .exe?

r

From: Sebb [mailto: jira@apache.org<mailto:jira@apache.org>]
Sent: Friday, August 26, 2016 2:10 PM
To: Murphy, Robert
Subject: [jira] [Apache Infrastructure] I want to report that your latest distibution contains
a Trojan

New comment for the request "I want to report that your latest distibution contains a Trojan"
with key INFRA-12508<https://issues.apache.org/jira/browse/INFRA-12508> has been added...
Apache Infrastructure - Something else... < https://issues.apache.org/jira/servicedesk/customer/portal/1>

Reference: INFRA-12508<https://issues.apache.org/jira/browse/INFRA-12508>< https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>


I want to report that your latest distibution contains a Trojan< https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>
Waiting for Infra

Sebb
Today 19:09
Where did you get the distribution from?

What is the hash of the file that you downloaded?


You can view the full request< https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>

Previous activity
Robert Murphy
Today 18:59
Screenshot from Microsoft Security Essentials

!MSE_Groovy2_4_7.PNG|thumbnail!

Robert Murphy
Today 18:58
Sorry, I should have specified that the distribution that I was referring to is Groovy 2.4.7.


Details
Description

Your latest distribution, 2.4.7 contains the Trojan Rundas!plock in its uninstall.exe. If
you wish to contact me for further information, use robert.murphy@harman.com<mailto:robert.murphy@harman.com><mailto:
robert.murphy@harman.com<mailto:robert.murphy@harman.com>>

(I have no idea what to fill out for the Component field, and I can't spare the time today
to figure it out.)

Thank you

Component/s

Dists





This message is automatically generated by JIRA Service Desk.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA Service Desk, see: http://www.atlassian.com/software/jira/service-desk


Robert Murphy
Today 19:25
Downloaded from: http://www.groovy-lang.org/download.html

The installer is groovy-2.4.7-installer.exe, dated 8/24/2016 4:04 pm size 52,613,519 bytes

Sebb
Today 19:09
Where did you get the distribution from?

What is the hash of the file that you downloaded?


2 older messages<https://issues.apache.org/jira/servicedesk/customer/portal/1/INFRA-12508>



Details
Description

Your latest distribution, 2.4.7 contains the Trojan Rundas!plock in its uninstall.exe. If
you wish to contact me for further information, use robert.murphy@harman.com<mailto:robert.murphy@harman.com>

(I have no idea what to fill out for the Component field, and I can't spare the time today
to figure it out.)

Thank you

Component/s

Dists





This message is automatically generated by JIRA Service Desk.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA Service Desk, see: http://www.atlassian.com/software/jira/service-desk




> I want to report that your latest distibution contains a Trojan
> ---------------------------------------------------------------
>
>                 Key: INFRA-12508
>                 URL: https://issues.apache.org/jira/browse/INFRA-12508
>             Project: Infrastructure
>          Issue Type: Bug
>          Components: Dists
>            Reporter: Robert Murphy
>         Attachments: MSE_Groovy2_4_7.PNG
>
>
> Your latest distribution, 2.4.7 contains the Trojan Rundas!plock in its uninstall.exe.
 If you wish to contact me for further information, use robert.murphy@harman.com
> (I have no idea what to fill out for the Component field, and I can't spare the time
today to figure it out.)
> Thank you



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message