Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Virus Total Flagging latest Buildozer Darwin Amd64 as infected #1229

Open
carolosfw opened this issue Jan 15, 2024 · 2 comments
Open

Virus Total Flagging latest Buildozer Darwin Amd64 as infected #1229

carolosfw opened this issue Jan 15, 2024 · 2 comments

Comments

@carolosfw
Copy link

carolosfw commented Jan 15, 2024
edited

https://www.virustotal.com/gui/file/d29e347ecd6b5673d72cb1a8de05bf1b06178dd229ff5eb67fad5100c840cc8e?nocache=1

VirusTotal has detected some issues and the sandbox seems to detect some strange behaviour.

Just want to confirm if this is a false positive or possibly a supply chain attack.
@vladmos
Copy link
Member

vladmos commented Jan 23, 2024

Which version does it analyze? Where does it take it from? The file name is buildozer-darwin-amd64-2 which is a bit suspicious because the files uploaded to Github releases don't contain the -2 suffix.

@carolosfw
Copy link
Author

Try upload this file to virus total:
https://github.com/bazelbuild/buildtools/releases/download/v6.4.0/buildozer-darwin-amd64

The -2 was introduced while I was testing multiple versions.

The last version that doesn't have this issue is 6.0.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vladmos @carolosfw