The problem is not libtiff. The files marked as malicious are in the test images. I created a version of Img-1.4.17 without afltestimgs.7z (I just decompressed, deleted, and recompressed) that has no detections: Img-1.4.17-no-afltestimgs.tar.gz https://www.virustotal.com/gui/file/3eee28c2e6daf343a538d8f7bcbf738dd43808465683f6a0d6962c212f5303d5?nocache=1 And here are just the test images (afltestimgs.7z): afltestimgs.7z https://www.virustotal.com/gui/file/f1b1e7d00ea1358981305c0e3dd3f3238ec977395...
If you could remove the afltests, it would be awesome :) Thanks!
I don't think any tiff image will trigger the detection. The CVEs mentioned in the detection names are related to a vulnerability that allowed specially crafted tiff images to execute code, so maybe the problematic tiff image is one of those (I assume that it would be for testing purposes).
Hi, The tarball for more recent 1.4.* versions (at least 1.4.17, 1.4.16 and 1.4.15) is marked as malicious in VirusTotal: https://www.virustotal.com/gui/file/4607abc6d8aa92f6e4f9b337db1df90e76a2dafdf2d53eff296b68ae63bf81aa The cause seems to be the afltests.zip file contained in the tests (because of id_009971,src_009965,op_flip1,pos_8.tif): https://www.virustotal.com/gui/file/f1b1e7d00ea1358981305c0e3dd3f3238ec977395cfd689623283903e57b4205/relations The asset may be used in the tests and be there...