Hello,
I wanted to report that this file flagged as malware from clamav on Friday 9/21/2018.
file: csv_builder_spec.rb
sha256sum: 1bf2924013d8bc56088bd6ac3e182d3bdd9455dd8746eb605c4c00f31612b15c
path: /opt/gitlab/embedded/service/gitlab-rails/ee/spec/lib/csv_builder_spec.rb
clamav output:
------------------ BEGIN SCAN ------------------
Scanning /opt
/opt/gitlab/embedded/service/gitlab-rails/ee/spec/lib/csv_builder_spec.rb: Win.Downloader.DDECmdExec-6683887-0 FOUND
Versions:
GitLab 10.7.3-ee
GitLab Shell 7.1.2
GitLab Workhorse v4.1.0
GitLab API v4
Ruby 2.3.6p384
Rails 4.2.10
postgresql 9.6.8
I downloaded the file and scanned it myself to verify if this was a false positive or not, and clamav is still reporting the file as malware.
Can I get verification if this is a false positive or not from anyone else?
Thanks!