Cisco Secure Endpoint quarantines - python_gdcm-3.0.23-cp310-cp310-win_amd64.whl

[jrineck]

We are seeing the python_gdcm-3.0.23-cp310-cp310-win_amd64.whl install by pip get flagged as potentially malicious and quarantined. Reviewed the File Analysis from Cisco Secure Endpoint and believe this to be a false positive (largely driven by 'PE references CreateToolhelp32Snapshot without import.'), wanted to make the maintainers aware

python_gdcm-3.0.23-cp310-cp310-win_amd64.docx

[tfmoraes]

I think it's because it was using a old version of openssl. I updated it to last openssl version. Try to check it https://we.tl/t-VJToO7GMe6

[jrineck]

@tfmoraes, would you be able to reshare the link to download the wheel with updated OpenSSL version? The link has expired

[tfmoraes]

Try this https://we.tl/t-vT1oUpmFj3

[jrineck]

Thank you very much, ZIP downloaded. I have a commitment from the researchers using this package to test the install of the update .whl and report back early next week (particularly if our EDR tools are still quarantining the file).