CentOS 7 - tini version detected as malware
migounette opened this issue · 5 comments
Can you confirm that tini binary has the correct signature and it has not been corrupted from a stolen account
Report: https://www.virustotal.com/gui/file/c5b0666b4cb676901f90dfcb37106783c5fe2077b04590973b885950611b30ee
The original problem is from Jenkins LTS - jenkins/jenkins:2.303.3-lts-centos7
bash-4.2$ /usr/sbin/tini --version
tini version 0.19.0 - git.de40ad0
bash-4.2$ sha256sum /usr/sbin/tini
c5b0666b4cb676901f90dfcb37106783c5fe2077b04590973b885950611b30ee /usr/sbin/tini
# Download from the official site of tini
bash-4.2$ curl -fsSL https://github.com/krallin/tini/releases/download/v0.19.0/tini-static-amd64 -o /tmp/tini
bash-4.2$ curl -fsSL https://github.com/krallin/tini/releases/download/v0.19.0/tini-static-amd64.asc -o /tmp/tini.asc
bash-4.2$ gpg --batch --verify ./tini.asc ./tini
gpg: Signature made Sun 19 Apr 2020 05:39:43 PM UTC using RSA key ID 0527A9B7
gpg: Good signature from "Thomas Orozco <thomas@orozco.fr>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6380 DC42 8747 F6C3 93FE ACA5 9A84 159D 7001 A4E5
Subkey fingerprint: 595E 85A6 B1B4 779E A4DA AEC7 0B58 8DFF 0527 A9B7
bash-4.2$ sha256sum ./tini
c5b0666b4cb676901f90dfcb37106783c5fe2077b04590973b885950611b30ee ./tini
Conclusion: binaries are identical but McAfee virus reportes a presence of malware
Can you confirm that is false positive by enforcing the fact that the binary signature is the good one.
This is the expected file — this looks like a false positive from whichever AV you're using.
Follow the link: https://www.virustotal.com/gui/file/c5b0666b4cb676901f90dfcb37106783c5fe2077b04590973b885950611b30ee
tini 0.19.0 has been uploaded for demonstration
Thanks for your input
My bad... I thought that was a question
from whichAV you're using :)
Conclusion - False Positive I will link the ISSUE to jenkins thanks