It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Sourcetree 4.0 Malware Detection

Hi there,

this is Marc. I am responsible for macOS SW deployment at my customer with munki / autopkg.

Today we received Major Update for Sourcetree 4.0 (i think Build 229). After rollout our Anitvirus Protection (Symantec) reports Malware detection with Sourcetree 4.0 and deletes it. I double checked it with another Antivirus Protection (ClamXav) which also reports Malware (Osx.Malwareagent-7360826-0).

I think it is a false positiv. But i would like to know if this issue was already addressed to you and if it will be fixed in upcoming Version of Sourcetree?

 

Thanks and kind regards
Marc

 

5 answers

1 vote
Mike Corsaro Atlassian Team Oct 30, 2019

Hello! This is a false positive. For all released builds we scan both applications using Symantec Cloud Workload Protection for Storage, and for a fallback we use ClamAV.

Daniel Eads Atlassian Team Oct 30, 2019

@Marc D. I've submitted these false positives to both Symantec and ClamXAV. Thank you for including the detailed information about which scanners reported issues!

Like Marc D. likes this

Thanks for reply and info. 

Have a nice day.

@Daniel Eads,

Webroot Secure Anywhere also flags 4.0_229 as uncategorized malware. Perhaps a submission to Webroot is also warranted.

Daniel Eads Atlassian Team Oct 31, 2019

Submitted to Webroot, thanks @Taras !

My case is the same. I am using BitDefender. This problem prevents you from using SourceTree.

Daniel Eads Atlassian Team Oct 30, 2019

@gratin9 Thanks for letting us know about this - I've submitted a false positive report to Bitdefender and hopefully it will be corrected in their detections shortly. In the meantime, you can follow their steps for creating an exclusion to get SourceTree running.

Oh really atlassian. Remove my comment... 

Daniel Eads Atlassian Team Oct 30, 2019

Hey @_ficu ,

Community's spam detection tool flagged your answer as spam because it had a high number of edits in a short period of time. I've marked it as not spam. Just a heads up about doing that in the future, the system might flag posts with a lot of edits again.

Some one from attlasian team should refer to these revelations

Thanks for the suggested answers. See more explanations here: https://community.atlassian.com/t5/Sourcetree-questions/Mac-Major-v-4-0-update-proposal/qaqsite-p/1212814 .The topic is similar. I hope it hepls you.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Sourcetree

Sourcetree for Windows - CVE-2019-11582 - Remote Code Execution vulnerability

A vulnerability has been published today in regards to Sourcetree for Windows.  The goal of this article is to give you a summary of information we have gathered from Atlassian Community as a st...

4,955 views 0 12
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you