ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
69487
|
Sun Mar 6 17:33:04 2022 |
| Konstantin Olchanski | olchansk@triumf.ca | Question | Windows | 3.1.4-a04faf9f | Re: Vulnerability? | > > > The CVEs you refer to are very old and have been fixed a long time ago.
>
> Am I wrong that the windows executable version on the site is dated 2018? 3.1.4-2?
I confirm. Windows executables at https://elog.psi.ch/elog/download/windows/
and Debian packages at https://packages.debian.org/search?keywords=elog all
appear to be older than the cve fixes.
I trust Stefan is reading this thread and will do something about it. My vote would
be to remove the download link to the windows executables and ask Debian to remove
the elog package. I think they have a way for upstream developers (Stefan) to request
removal of unmaintained out-of-date insecure versions of their stuff. ROOT
was in the same situation years ago, the Debian package for ROOT was very old version,
also built incorrectly, and everybody complained to us that our stuff does
not work (midas, rootana, etc).
K.O. |
69488
|
Mon Mar 7 08:49:41 2022 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Windows | 3.1.4-a04faf9f | Re: Vulnerability? | > I trust Stefan is reading this thread and will do something about it. My vote would
> be to remove the download link to the windows executables and ask Debian to remove
> the elog package. I think they have a way for upstream developers (Stefan) to request
> removal of unmaintained out-of-date insecure versions of their stuff. ROOT
> was in the same situation years ago, the Debian package for ROOT was very old version,
> also built incorrectly, and everybody complained to us that our stuff does
> not work (midas, rootana, etc).
Yeah, I have to recompile the Windows version. Unfortunately my old Windows PC is gone, I
switched now completely to MacOSX and Linux. Probably have to borrow something from somewhere.
If anybody can compile the Windows version with the current source code I would be happy.
Stefan |
69489
|
Mon Mar 7 14:30:16 2022 |
| Daniel Pfuhl | daniel.pfuhl@medizin.uni-leipzig.de | Question | Windows | 3.1.4-a04faf9f | Re: Vulnerability? |
>
> Yeah, I have to recompile the Windows version. Unfortunately my old Windows PC is gone, I
> switched now completely to MacOSX and Linux. Probably have to borrow something from somewhere.
> If anybody can compile the Windows version with the current source code I would be happy.
>
> Stefan
That would be most welcome!
I tried to recompile the windows version a while ago but didn't manage it.
I'm just a simple ELOG __user__ ^^
Looking forward to the new precompiled Windows version.
Thnx in advance!
daniel |
69490
|
Mon Mar 7 17:46:39 2022 |
| Jan Just Keijser | janjust@nikhef.nl | Question | Windows | 3.1.4-a04faf9f | Re: Vulnerability? | > > I trust Stefan is reading this thread and will do something about it. My vote would
> > be to remove the download link to the windows executables and ask Debian to remove
> > the elog package. I think they have a way for upstream developers (Stefan) to request
> > removal of unmaintained out-of-date insecure versions of their stuff. ROOT
> > was in the same situation years ago, the Debian package for ROOT was very old version,
> > also built incorrectly, and everybody complained to us that our stuff does
> > not work (midas, rootana, etc).
>
> Yeah, I have to recompile the Windows version. Unfortunately my old Windows PC is gone, I
> switched now completely to MacOSX and Linux. Probably have to borrow something from somewhere.
> If anybody can compile the Windows version with the current source code I would be happy.
>
> Stefan
FWIW: you could cross-compile on Linux using
make CC=x86_64-w64-mingw32-gcc CFLAGS="-D_MSC_VER -DHAVE_VASPRintF -Imxml" LIBS="-Wl,--allow-multiple-definition -ladvapi32 -lwsock32 -lssl -lcrypto"
or so I thought... with build 3.1.4 - 395e101 I did manage, finally.
However, with the latest git version everything seems to have been renamed to .cxx files (though it's still plain C ??!?!?) and my quick and dirty compile hack did not work. The binaries do work, I can start the server and access it via the web interface. |
69491
|
Mon Mar 7 22:07:54 2022 |
| Laurent Jean-Rigaud | lollspam@free.fr | Question | Windows | 3.1.4-a04faf9f | Re: Vulnerability? | > > I trust Stefan is reading this thread and will do something about it. My vote would
> > be to remove the download link to the windows executables and ask Debian to remove
> > the elog package. I think they have a way for upstream developers (Stefan) to request
> > removal of unmaintained out-of-date insecure versions of their stuff. ROOT
> > was in the same situation years ago, the Debian package for ROOT was very old version,
> > also built incorrectly, and everybody complained to us that our stuff does
> > not work (midas, rootana, etc).
>
> Yeah, I have to recompile the Windows version. Unfortunately my old Windows PC is gone, I
> switched now completely to MacOSX and Linux. Probably have to borrow something from somewhere.
> If anybody can compile the Windows version with the current source code I would be happy.
>
> Stefan
Hi Stefan,
I don't find any howto to build elog under windows, so i tried to compile elog-latest sources with cygwin (packages gcc + openssl-devel + openldap-devel + make).
It builds, i could start elogd.exe and connect to localhost:8080 !
I generate a zip with cygwin dll needed to launch elogd and tools. I think they could be enclosed (maybe the cygwin licence file have to be added ?).
Btw it should be possible to crossbuild it under Mac or Linux. The problem is to test it ;-). On Mac, you can use UTM to create a Windows VM to do the work.
Bye
Laurent |
69493
|
Wed Mar 9 17:55:31 2022 |
| Jan Just Keijser | janjust@nikhef.nl | Question | Windows | 3.1.4-a04faf9f | Re: Vulnerability? | I've built the last C version of elog in git, revision 1ebfd06c using mingw-64 ; the resulting binaries work for me on Windows 2019.
Attached is a zip file with the binaries.
I was not able to create a new installer, these are just the executables |
69495
|
Mon Mar 14 08:49:44 2022 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 3.1.3-7933898 | Re: Removal of ID and Date attributes | Use the configuration option
List display = Day, Station Type, Start time UTC, ...
as written in the documentation.
Best,
Stefan
James Darrow wrote: |
Hello all,
I just found elog which is a great piece of software! I'm implementing it for use to log my shortwave listening contacts. The problem that I have is I'm moving over a current log to elog which already has a date of when the record was created, which is important.I renamed the old date to day to upload the log into elog. My problem is I don't need to see elog's ID# or date/time stamp of when the log was created seeing it's already in my data. My question is, is there any way to not show elog's ID# and date/time stamp or would I need to create a tab and if so could someone provide a config file where I could see how the tab was implemented. I've attached a screenshot of what it looks like so far. I've implemented the dark theme (which I like) that Anthoney had posted in the contibutions section.
Thanks in advance!
Jim
|
|
69496
|
Mon Mar 14 18:45:14 2022 |
| James Darrow | kb9mmc@ameritech.net | Question | Linux | 3.1.3-7933898 | Re: Removal of ID and Date attributes | That worked! Thanks Stefan
Stefan Ritt wrote: |
Use the configuration option
List display = Day, Station Type, Start time UTC, ...
as written in the documentation.
Best,
Stefan
James Darrow wrote: |
Hello all,
I just found elog which is a great piece of software! I'm implementing it for use to log my shortwave listening contacts. The problem that I have is I'm moving over a current log to elog which already has a date of when the record was created, which is important.I renamed the old date to day to upload the log into elog. My problem is I don't need to see elog's ID# or date/time stamp of when the log was created seeing it's already in my data. My question is, is there any way to not show elog's ID# and date/time stamp or would I need to create a tab and if so could someone provide a config file where I could see how the tab was implemented. I've attached a screenshot of what it looks like so far. I've implemented the dark theme (which I like) that Anthoney had posted in the contibutions section.
Thanks in advance!
Jim
|
|
|
|