qt5-qtwebengine @5.15.2: Contains malware???

[josephsacco]

AVG AntiVirus reports that qt5-qtwebengine @5.15.2: Contains malware:

Threat name: JS:Downloader-RKT [Tool]

Infected File: syntactic-analysis.md

-Joseph

[jmroot (Joshua Root)]

This should be verified of course, but AV software is notorious for false positives. At first glance it seems very unlikely that a markdown file could act as a malware vector. Ask AVG to double check and update their definitions if needed.

[josephsacco]

I submitted the file to AVG for analysis. Whether or not they respond is unknown.

Note also that qt5-qtwebengine @5.15.2 does not build under Monterey.

-Joseph

[chrstphrchvz (Christopher Chavez)]

Replying to josephsacco:

Note also that qt5-qtwebengine @5.15.2 does not build under Monterey.

Fixed in qt5-qtwebengine @5.15.7_0: #63725

[chrstphrchvz (Christopher Chavez)]

Does the reporter still have the full path of where the syntactic-analysis.md file was found? From looking online, the only likely source of that file seems to be jQuery Esprima, which chromium appears to have used (and qtwebengine uses chromium internally). But I am not finding this file anywhere in qtwebengine 5.15.8 sources or build output. Maybe this issue has disappeared since 5.15.2.

[josephsacco]

Christopher,

We all love issues that quietly resolve themselves. Version 5.15.7 of qt5-qtwebengine downloads, and builds without incident. The errant file, syntactic-analysis.md, is nowhere to found: before, during, or after the build.

-Joseph