<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Thumbs up! I appreciate your diligence at my suggestion! I will
check my update channel. Hmm. Discover is crashing! Oh my!<br>
</p>
<p>John</p>
<div class="moz-cite-prefix">On 4/27/21 3:25 PM, Michalis Kamburelis
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAKzBGZPyz8_LY7rxEhEmGtpP7m32J8GMD1vUuR6-kxx=y8H8gg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div>Good point, our Windows DLLs of OpenSSL were actually a bit
out of date. I just upgraded them (1.0.2n -> 1.0.2u).</div>
<div><br>
</div>
<div>The next view3dscene snapshot from <a
href="https://castle-engine.io/view3dscene.php"
moz-do-not-send="true">https://castle-engine.io/view3dscene.php</a>
will contain new DLLs.</div>
<div><br>
</div>
<div>( This concerns only Windows. On other platforms, like
Linux, we rely on system-installed OpenSSL version. )</div>
<div><br>
</div>
<div>Regards,</div>
<div>Michalis<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">wt., 27 kwi 2021 o 01:21 John
Carlson <<a href="mailto:yottzumm@gmail.com"
moz-do-not-send="true">yottzumm@gmail.com</a>>
napisał(a):<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="auto">I know that OpenSSL libraries are often
targeted for intense scrutiny and it’s pretty much a good
idea to stay up-to-date. If you have a dependency on them
in the apt package, that should be sufficient, but be sure
to track latest OpenSSL in your dependencies.</div>
<div><br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Apr 26, 2021 at
6:02 AM Michalis Kamburelis <<a
href="mailto:michalis.kambi@gmail.com" target="_blank"
moz-do-not-send="true">michalis.kambi@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>CGE OpenSSL libraries are from <a
href="https://indy.fulgan.com/SSL/"
target="_blank" moz-do-not-send="true">https://indy.fulgan.com/SSL/</a>
which is linked to by <a
href="https://wiki.openssl.org/index.php/Binaries"
target="_blank" moz-do-not-send="true">https://wiki.openssl.org/index.php/Binaries</a>
. So I would surely hope that they are virus-free,
they are used by many projects independent of CGE.
If a virus scanner detects them, please test on DLLs
directly from <a
href="https://indy.fulgan.com/SSL/"
target="_blank" moz-do-not-send="true">https://indy.fulgan.com/SSL/</a>
. Consider submitting a "wrong detection" to virus
software, as far as I know they should be "clean"
(though I never tried to compile them myself from
code).</div>
<div><br>
</div>
<div>Please submit CGE issues to the CGE bugtracker --
it is easy for me to miss some CGE-specific report
otherwise.</div>
<div><br>
</div>
<div>Regards,</div>
<div>Michalis<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">czw., 15 kwi 2021 o
00:39 John Carlson <<a
href="mailto:yottzumm@gmail.com" target="_blank"
moz-do-not-send="true">yottzumm@gmail.com</a>>
napisał(a):<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px
0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<p>The one found in the <a
href="https://github.com/castle-engine/castle-engine/releases/tag/v6.4"
target="_blank" moz-do-not-send="true">https://github.com/castle-engine/castle-engine/releases/tag/v6.4</a>
- <a
href="https://github.com/castle-engine/castle-engine/releases/download/v6.4/castle_game_engine-6.4-src.zip"
rel="nofollow" target="_blank"
moz-do-not-send="true"><span>castle_game_engine-6.4-src.zip<br>
</span></a></p>
<p>This one also reports in clamTk.<br>
</p>
<p>I don't think the one in the PPA has anything
wrong with it, that I know of. These are files
I downloaded from github releases. It's most
likely the ones deployed with the OS packages
are okay, as I didn't get reports on those.<br>
</p>
<p><br>
</p>
<p>John<br>
</p>
<p><br>
</p>
<div>On 4/14/21 5:21 PM, John Carlson wrote:<br>
</div>
<blockquote type="cite">
<p><br>
</p>
<div>On 4/14/21 5:02 PM, John Carlson wrote:<br>
</div>
<blockquote type="cite">
<p><br>
</p>
<p>Here's a snapshot of ClamTk virus checker
results on my Groovy Gorilla Kubuntu system.</p>
<p>Michalis, you might want to double check
your OpenSSL dll (libeay32.dll). I will try
to download a new copy of castle game engine
and retest, but I've done an update recently
(but it may have crashed). I will
remove/reinstall<br>
</p>
</blockquote>
<p>Okay, apparently the libeay32.dll in question
came from
castle-engine-7.0-alpha.snapshot-linux-x86_64.zip
(now in the castle_game_engine folder). I
scanned the zip too, and there was no
threats. Perhaps something on my system is
inserting when unpacking?</p>
<p>I will download a production release of
castle-game-engine from github.</p>
<p><br>
</p>
<blockquote type="cite">
<p> </p>
<p><img
src="cid:part10.07ECD761.8BE695D2@gmail.com"
alt="" style="width: 667px; max-width:
100%;" class=""></p>
</blockquote>
</blockquote>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
</blockquote>
</body>
</html>