Created attachment 566396 [details] emerge --info During a routine upgrade I also ran a system wide clanscan and it reported that: ./distfiles/teckit-2.5.6.tar.gz: Doc.Malware.Sagent-6865733-0 FOUND I dug around a bit and discovered that it is a dependency of texlive-core when xetex is installed: app-text/texlive-core-2017-r4 (xetex ? >=app-text/teckit-2.5.3) I have not tried to install previous version of teckit and texlive-core to see if they are likewise infected -- as there are only a single version of each in the main portage tree. I have therefore removed texlive-xetex and teckit, disabled the xetex use flag, and rebuilt all dependencies to verify that teckit is not included back on the system. I have not reproduced this or verified that it is not a false positive. That said I thought it prudent to report ASAP. Sorry to drop this on you BUT... EBo --
Seems like the files in teckit-2.5.6.tar.gz were last modified 2016-05-30 22:37 and only clamav reports this. https://www.virustotal.com/#/file/a27bcee822111efe56ee0c9047d6ed5d8cb1b5005c372517c42c4a7552884105/detection I think it's a false positive.
Now it's clean in all AV: https://www.virustotal.com/#/url/11c3a39e4e29b2126636da303da3cc37aca0109598e0162b78aeba88bfb6e9f9/detection Fixed on clamav side.
# clamscan /usr/portage/distfiles/teckit-2.5.6.tar.gz /usr/portage/distfiles/teckit-2.5.6.tar.gz: OK ----------- SCAN SUMMARY ----------- Known viruses: 6826807 Engine version: 0.101.1 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 32.18 MB Data read: 2.38 MB (ratio 13.51:1) Time: 31.633 sec (0 m 31 s) # freshclam ClamAV update process started at Mon Mar 4 07:55:54 2019 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd is up to date (version: 25377, sigs: 2267948, f-level: 63, builder: raynman) bytecode.cvd is up to date (version: 328, sigs: 94, f-level: 63, builder: neo)
Confirmed. Thank you, and sorry for any inconvenience. =========================================== /usr/portage/distfiles/teckit-2.5.6.tar.gz: OK ----------- SCAN SUMMARY ----------- Known viruses: 6826807 Engine version: 0.101.1 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 32.18 MB Data read: 2.38 MB (ratio 13.51:1) Time: 31.156 sec (0 m 31 s)