tfmoraes/python-gdcm

Cisco Secure Endpoint quarantines - python_gdcm-3.0.23-cp310-cp310-win_amd64.whl

Opened this issue · 4 comments

We are seeing the python_gdcm-3.0.23-cp310-cp310-win_amd64.whl install by pip get flagged as potentially malicious and quarantined. Reviewed the File Analysis from Cisco Secure Endpoint and believe this to be a false positive (largely driven by 'PE references CreateToolhelp32Snapshot without import.'); wanted to make the maintainers aware.

python_gdcm-3.0.23-cp310-cp310-win_amd64.docx

I think it's because it was using an old version of OpenSSL. I updated it to the latest OpenSSL version. Try to check it: https://we.tl/t-VJToO7GMe6

@tfmoraes, would you be able to reshare the link to download the wheel with the updated OpenSSL version? The link has expired.

Thank you very much, ZIP downloaded. I have a commitment from the researchers using this package to test the install of the updated .whl and report back early next week (particularly if our EDR tools are still quarantining the file).