Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon5.gif   Vulnerability?, posted by Alessandro Petrolini on Thu Mar 3 08:26:40 2022 
    icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Thu Mar 3 16:49:40 2022 
       icon2.gif   Re: Vulnerability?, posted by Alessandro Petrolini on Fri Mar 4 08:51:24 2022 
          icon2.gif   Re: Vulnerability?, posted by Alessandro Petrolini on Sun Mar 6 09:00:33 2022 
             icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Sun Mar 6 17:33:04 2022 
                icon2.gif   Re: Vulnerability?, posted by Stefan Ritt on Mon Mar 7 08:49:41 2022 
                   icon2.gif   Re: Vulnerability?, posted by Daniel Pfuhl on Mon Mar 7 14:30:16 2022 
                   icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Mon Mar 7 17:46:39 2022 
                      icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Wed Mar 9 17:55:31 2022 elog-3.1.4-1ebfd06c-win64.zip
                         icon2.gif   Re: Vulnerability?, posted by Daniel Pfuhl on Tue Apr 19 15:47:59 2022 
                            icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Tue Apr 19 17:02:57 2022 
                               icon2.gif   Re: Vulnerability?, posted by Daniel Pfuhl on Tue Apr 19 20:13:04 2022 
                                  icon2.gif   Re: Vulnerability?, posted by Jan Just Keijser on Fri Apr 22 17:10:24 2022 
                   icon2.gif   Re: Vulnerability?, posted by Laurent Jean-Rigaud on Mon Mar 7 22:07:54 2022 elog-3.1.4-395e101.zip
                   icon2.gif   Re: Vulnerability?, posted by Florian Heigl on Mon Apr 18 19:16:36 2022 
                      icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Tue Apr 19 21:15:19 2022 
                         icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Fri Apr 22 21:15:37 2022 
                            icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Tue Apr 26 17:39:49 2022 
                               icon2.gif   history of long-removed freebsd package, Re: Vulnerability?, posted by Konstantin Olchanski on Tue Apr 26 18:03:03 2022 
                               icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Wed Apr 27 19:36:25 2022 
                      icon12.gif   Re: Vulnerability?, posted by Andreas Luedeke on Fri Apr 22 12:55:21 2022 
       icon2.gif   Re: Vulnerability?, posted by Konstantin Olchanski on Sat Apr 23 18:05:57 2022 
Message ID: 69518     Entry time: Fri Apr 22 12:55:21 2022     In reply to: 69507
Icon: Blink  Author: Andreas Luedeke  Author Email: andreas.luedeke@psi.ch 
Category: Question  OS: Windows  ELOG Version: 3.1.4-a04faf9f 
Subject: Re: Vulnerability? 
 
> it would be good if the current state was listed in https://elog.psi.ch/elogs/Vulnerabilities/ 
> It seems there's now updated builds for at least windows, and the debian package still outdated?
> 
> Personally, I don't think removing download links and pulling packages should be more than a temporary measure.
> Treating people fairly IMHO means they should be able to reach a safe version by the same means that brought and left them exposed.
> 
> A clear central source would be best, one that has 
> 
> - package autobuilds
> - source
> - cve list
> 
> If I understand correctly, currently only the source is up to date?
> 
> 
> (I found py_elog on Github, so it could be an easy option to mirror ELOG there and let some free service handle the autobuilds.
> I don't know how well one can flag vulnerabilities there, but likely it's possible, and ideally more people would help there.)
> 
> 
> p.s.: My hat is off to the sysadmin who checked carefully, I wanted to introduce ELOG in a windows-centric place and I can't swear I would have checked this (official) download as well.

Very good ideas! Go ahead and implement them! We very much appreciate your contribution.
ELOG V3.1.4-bcd7b50