@alexis-opolka alexis-opolka commented Mar 16, 2025

This PR aims to fix the security reports raised by Windows Defender and VirusTotal.

https://www.virustotal.com/gui/file/a4672b879ef32f9254c575dd548ea787bafe0827da1c6f93a65411a75a7121b2/detection

I am waiting to check a packaged version from an automated release on my fork, but it seems the issue was from crossterm 0.28.0, which has been yanked (see here) from the crates registry in favor of 0.28.1 (see here).

Fixes #869

Signed-off-by: alexis-opolka <[email protected]>
@alexis-opolka
Collaborator Author

The packaged version built with the CI/CD is still flagged on VirusTotal: https://www.virustotal.com/gui/file/430acdb902527a1b060b512bfbf70bf16ec99fb5f7606771812b6bfc36512507?nocache=1

It seems that Windows Defender doesn't flag the executable as a trojan anymore.

@alexis-opolka
Collaborator Author

alexis-opolka commented Mar 16, 2025

After multiple tests, it seems that what causes those issues is the scripts/dot script, which in turn calls the scripts/rust/release script inside the dotfiles repository.

The scan below is of the file that has been built locally with cross and then put into a .zip; it's not flagged by any security provider: www.virustotal.com/gui/file/a86f9ee032c4856dd2087a87d187cdd86ef8a4279a6ec25634649b07d3b2e000/detection

@alexis-opolka
Collaborator Author

@denisidoro, what do you want to do? Those are your scripts.

@denisidoro
Owner

I think the issue is the use of upx: https://github.com/denisidoro/dotfiles/blob/master/scripts/rust/release#L71

We can disable it for Windows

@alexis-opolka
Collaborator Author

alexis-opolka commented Mar 19, 2025

@denisidoro Do you want me to make a PR on the dotfiles repository or do you want to do it yourself?

Signed-off-by: alexis-opolka <[email protected]>
@alexis-opolka
Collaborator Author

alexis-opolka commented Apr 8, 2025

This PR is deprecated in favor of #971.

Development

Successfully merging this pull request may close these issues.

Security concern about Windows binary (v2.23.0)