[x3d-public] virus checker results, FYI
John Carlson
yottzumm at gmail.com
Tue Apr 27 17:41:19 PDT 2021
Thumbs up! I appreciate your diligence at my suggestion! I will check
my update channel. Hmm. Discover is crashing! Oh my!
John
On 4/27/21 3:25 PM, Michalis Kamburelis wrote:
> Good point, our Windows DLLs of OpenSSL were actually a bit out of
> date. I just upgraded them (1.0.2n -> 1.0.2u).
>
> The next view3dscene snapshot from
> https://castle-engine.io/view3dscene.php
> <https://castle-engine.io/view3dscene.php> will contain new DLLs.
>
> ( This concerns only Windows. On other platforms, like Linux, we rely
> on system-installed OpenSSL version. )
>
> Regards,
> Michalis
>
> wt., 27 kwi 2021 o 01:21 John Carlson <yottzumm at gmail.com
> <mailto:yottzumm at gmail.com>> napisał(a):
>
> I know that OpenSSL libraries are often targeted for intense
> scrutiny and it’s pretty much a good idea to stay up-to-date. If
> you have a dependency on them in the apt package, that should be
> sufficient, but be sure to track latest OpenSSL in your dependencies.
>
> On Mon, Apr 26, 2021 at 6:02 AM Michalis Kamburelis
> <michalis.kambi at gmail.com <mailto:michalis.kambi at gmail.com>> wrote:
>
> CGE OpenSSL libraries are from https://indy.fulgan.com/SSL/
> <https://indy.fulgan.com/SSL/> which is linked to by
> https://wiki.openssl.org/index.php/Binaries
> <https://wiki.openssl.org/index.php/Binaries> . So I would
> surely hope that they are virus-free, they are used by many
> projects independent of CGE. If a virus scanner detects them,
> please test on DLLs directly from https://indy.fulgan.com/SSL/
> <https://indy.fulgan.com/SSL/> . Consider submitting a "wrong
> detection" to virus software, as far as I know they should be
> "clean" (though I never tried to compile them myself from code).
>
> Please submit CGE issues to the CGE bugtracker -- it is easy
> for me to miss some CGE-specific report otherwise.
>
> Regards,
> Michalis
>
> czw., 15 kwi 2021 o 00:39 John Carlson <yottzumm at gmail.com
> <mailto:yottzumm at gmail.com>> napisał(a):
>
> The one found in the
> https://github.com/castle-engine/castle-engine/releases/tag/v6.4
> <https://github.com/castle-engine/castle-engine/releases/tag/v6.4>
> - castle_game_engine-6.4-src.zip
> <https://github.com/castle-engine/castle-engine/releases/download/v6.4/castle_game_engine-6.4-src.zip>
>
> This one also reports in clamTk.
>
> I don't think the one in the PPA has anything wrong with
> it, that I know of. These are files I downloaded from
> github releases. It's most likely the ones deployed with
> the OS packages are okay, as I didn't get reports on those.
>
>
> John
>
>
> On 4/14/21 5:21 PM, John Carlson wrote:
>>
>>
>> On 4/14/21 5:02 PM, John Carlson wrote:
>>>
>>>
>>> Here's a snapshot of ClamTk virus checker results on my
>>> Groovy Gorilla Kubuntu system.
>>>
>>> Michalis, you might want to double check your OpenSSL
>>> dll (libeay32.dll). I will try to download a new copy
>>> of castle game engine and retest, but I've done an
>>> update recently (but it may have crashed). I will
>>> remove/reinstall
>>>
>> Okay, apparently the libeay32.dll in question came from
>> castle-engine-7.0-alpha.snapshot-linux-x86_64.zip (now in
>> the castle_game_engine folder). I scanned the zip too,
>> and there was no threats. Perhaps something on my system
>> is inserting when unpacking?
>>
>> I will download a production release of
>> castle-game-engine from github.
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://web3d.org/pipermail/x3d-public_web3d.org/attachments/20210427/18b0fb71/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: difijadgnjcgnlli.png
Type: image/png
Size: 228298 bytes
Desc: not available
URL: <http://web3d.org/pipermail/x3d-public_web3d.org/attachments/20210427/18b0fb71/attachment-0001.png>
More information about the x3d-public
mailing list