Closed ggandor closed 3 years ago
This seems to be a valid threat
I don't understand what this means. Are you saying that fennel-lang.org was compromised and the binaries hosted on that site were replaced with versions containing malware?
Oh, I meant Win32/Uwamson.A!ml
seems to be some actual, potentially dangerous malware.
Are you saying that fennel-lang.org was compromised and the binaries hosted on that site were replaced with versions containing malware?
I guess...(?) I wanted to upgrade to 0.9.2, but was unable to execute it, access was denied immediately. It's the same with any of the Windows binaries that I download from fennel-lang.org now.
Oh, I meant Win32/Uwamson.A!ml seems to be some actual, potentially dangerous malware.
Sorry, that doesn't really make things any clearer. I have never heard of Win32/Uwamson.A!ml
before; how is it related to Fennel?
What makes you think that this is not a false positive?
I have never heard of Win32/Uwamson.A!ml before; how is it related to Fennel?
No idea, I haven't heard of it before either. I have found a more or less recent, related issue: https://github.com/clangen/musikcube/issues/436 This could be some false positive after all, but even if that is the case, the problem still persists, namely that the OS simply doesn't allow to run the .exe files now. (There doesn't seem to be any way to circumvent the restriction.)
Sure, OK. But I don't see how this is a problem with Fennel; it seems like an issue with your OS. Nothing much we can do on our side.
I see, but the maintainer wrote in that linked issue that a Visual Studio update + recompilation solved the problem for them, so I thought maybe something could be done after all.
OK, I see; maybe you can build from source and use that to work around your problem.
I had to upload a new version to fix an unrelated issue with #351 so you can see if it still flags the new version.
The new version of 0.9.2 works, it's not flagged anymore. Thank you for your assistance!
This seems to be a valid threat, not a false positive. I have tried all the ones above 0.9, with the same result. The Linux binaries seem fine, at least the most recent one.