Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon5.gif   Vulnerability?, posted by Alessandro Petrolini on Thu Mar 3 08:26:40 2022 
    icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Thu Mar 3 16:49:40 2022 
       icon2.gif   Re: Vulnerability?, posted by Alessandro Petrolini on Fri Mar 4 08:51:24 2022 
          icon2.gif   Re: Vulnerability?, posted by Alessandro Petrolini on Sun Mar 6 09:00:33 2022 
             icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Sun Mar 6 17:33:04 2022 
                icon2.gif   Re: Vulnerability?, posted by Stefan Ritt on Mon Mar 7 08:49:41 2022 
                   icon2.gif   Re: Vulnerability?, posted by Daniel Pfuhl on Mon Mar 7 14:30:16 2022 
                   icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Mon Mar 7 17:46:39 2022 
                      icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Wed Mar 9 17:55:31 2022 elog-3.1.4-1ebfd06c-win64.zip
                         icon2.gif   Re: Vulnerability?, posted by Daniel Pfuhl on Tue Apr 19 15:47:59 2022 
                            icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Tue Apr 19 17:02:57 2022 
                               icon2.gif   Re: Vulnerability?, posted by Daniel Pfuhl on Tue Apr 19 20:13:04 2022 
                                  icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Fri Apr 22 17:10:24 2022 
                   icon2.gif   Re: Vulnerability?, posted by Laurent Jean-Rigaud on Mon Mar 7 22:07:54 2022 elog-3.1.4-395e101.zip
                   icon2.gif   Re: Vulnerability?, posted by Florian Heigl on Mon Apr 18 19:16:36 2022 
                      icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Tue Apr 19 21:15:19 2022 
                         icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Fri Apr 22 21:15:37 2022 
                            icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Tue Apr 26 17:39:49 2022 
                               icon2.gif   history of long-removed freebsd package, Re: Vulnerability?, posted by Konstantin Olchanski on Tue Apr 26 18:03:03 2022 
                               icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Wed Apr 27 19:36:25 2022 
                      icon12.gif   Re: Vulnerability?, posted by Andreas Luedeke on Fri Apr 22 12:55:21 2022 
       icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Sat Apr 23 18:05:57 2022 
Message ID: 69490     Entry time: Mon Mar 7 17:46:39 2022     In reply to: 69488     Reply to this: 69493
Icon: Reply  Author: Jan Just Keijser  Author Email: janjust@nikhef.nl 
Category: Question  OS: Windows  ELOG Version: 3.1.4-a04faf9f 
Subject: Re: Vulnerability? 
> > I trust Stefan is reading this thread and will do something about it. My vote would
> > be to remove the download link to the windows executables and ask Debian to remove
> > the elog package. I think they have a way for upstream developers (Stefan) to request
> > removal of unmaintained out-of-date insecure versions of their stuff. ROOT
> > was in the same situation years ago, the Debian package for ROOT was very old version,
> > also built incorrectly, and everybody complained to us that our stuff does
> > not work (midas, rootana, etc).
> 
> Yeah, I have to recompile the Windows version. Unfortunately my old Windows PC is gone, I
> switched now completely to MacOSX and Linux. Probably have to borrow something from somewhere.
> If anybody can compile the Windows version with the current source code I would be happy.
> 
> Stefan

FWIW: you could cross-compile on Linux using 
   make CC=x86_64-w64-mingw32-gcc CFLAGS="-D_MSC_VER -DHAVE_VASPRintF -Imxml" LIBS="-Wl,--allow-multiple-definition -ladvapi32 -lwsock32 -lssl -lcrypto"
or so I thought... with build 3.1.4 - 395e101 I did manage, finally. 
However, with the latest git version everything seems to have been renamed to .cxx files (though it's still plain C ??!?!?) and my quick and dirty compile hack did not work. The binaries do work, I can start the server and access it via the web interface.
ELOG V3.1.5-fe60aaf