SDL icon indicating copy to clipboard operation
SDL copied to clipboard

Published 20 hours ago verified publisher icon libsdl-org

SDL2.dll included in versions 2.28.4 and 2.28.5 are flagged as containing a trojan by virustotal

Open rubenlg opened this issue 5 months ago • 1 comments

Surprisingly, the zip itself is marked as clean by the virustotal tool, but when uploading just the DLL, it's flagged as containing the Rugmi trojan.

I couldn't find any mention of this in the issues, and this DLL is included downstream in other open source packages, such as adventuregamestudio in the version 3.6.1, so I thought it was important to raise this.

I'm not familiar enough with Windows to be able to debug any further. Is this an actual issue, and should these versions be removed, or is it a false positive?

rubenlg avatar Jun 16 '25 11:06 rubenlg

I already tested 2.28.3 and 2.29.1 and these seem clean.

rubenlg avatar Jun 16 '25 11:06 rubenlg

What’s the URL where you’re downloading the affected versions?

slouken avatar Jun 16 '25 12:06 slouken

Yes I can see this, too, using release from GH https://www.virustotal.com/gui/file/f89c0b06883ae03bf82c1ecd3524d3baf07660933fda59039b9d43e9d2593981

BTW for AGS 3.6.1 specifically you can roll SDL2 .dll forward manually, I recommend at least 2.30.8 which has been used in recent commercial releases.

mausimus avatar Jun 16 '25 12:06 mausimus

What’s the URL where you’re downloading the affected versions?

I was downloading them from this github repo:

https://github.com/libsdl-org/SDL/releases

These are the direct links to the ZIP files with the potentially problematic DLLs: https://github.com/libsdl-org/SDL/releases/download/release-2.28.4/SDL2-2.28.4-win32-x86.zip https://github.com/libsdl-org/SDL/releases/download/release-2.28.5/SDL2-2.28.5-win32-x86.zip

rubenlg avatar Jun 16 '25 13:06 rubenlg