The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,226 other subscribers

Archive for December 30th, 2016

The curse of vulnerable OpenSSL DLLs

Posted by jpluimers on 2016/12/30

When you ship OpenSSL DLLs, you should provide an update mechanism outside of your regular product cycle that updates these shortly after vulnerabilities are fixed.

Few if any products do that. So I made an overview from products and OpenSSL DLL versions I had installed on various systems.

I’m a developer, so the list is biased towards tools I use often.

All of them are vulnerable: [WayBack

  • 1.0.2.h by ContinuaCI PostgreSQL and Avast 12.3
  • 1.0.2.g by SourceTree 1.9.x embedded git_local
  • 1.0.2d by Git for Windows 2.6.1
  • 1.0.2a by SQLite browser 3.7.0
  • 1.0.1m by Delphi 10.0 Seattle
  • 1.0.1l by Ruby 2.3
  • 1.0.1f by SlikSvn 1.8.5
  • 1.0.1g by Delphi XE8, Delphi XE7, VMware Workstation OVF tool and Adobe Creative Cloud 2.8.1
  • 1.0.0g by Delphi XE6, Delphi XE5, Delphi XE4, Delphi XE3, Appmethod 1.13 and CollabNet SVN Client 1.7.5
  • 1.00d by MarkdownPad 2
  • 1.0.0 by FinalBuider 7 XE2 and FinalBuilder 7 EE
  • 0.9.8za by VMware Remote Console Plug-in 5.1 and VMware Virtual Infrastructure Client 5.1
  • 0.9.8y by VMware VIX Workstation 10
  • 0.9.8t by Veaam Backup and Replication
  • 0.9.8r by ContinuaCI hg support, VMware VIX and VMware Workstation 8.0.2
  • 0.9.8q by Veeam Backup Transport, Veaam Backup, xampp 1.7.4 and Replication and VMware Virtual Infrastructure Client 5.0
  • 0.9.8o by xampp 1.7.4
  • 0.9.8l by xampp 1.7.4
  • 0.9.8n by Delphi XE2, Delphi XE and VMware VIX Workstation 7.1.0
  • 0.9.8m by VMware VMRC Plug-in, VMware VIX and VMware Workstation 8.0.2
  • 0.9.8i by VMware Virtual Infrastructure Client 4.1
  • 0.9.8d by Database Workbench Pro 4.4.3, Database Workbench Pro 5.2.4 and VMware vSphere CLI Perl
  • 0.9.8b by Adobe Creative Suite 5
  • 0.9.7m by VMware VIX server 1.0.9
  • 0.9.7l by VMware VIX VIServer 2
  • N/A by Adobe Create Suite 5 and VMware VIX server 1


via: [WayBackDoes Delphi installer install OpenSSL dll’s?

PS: Below some Software Archeology related links in the comments.

Posted in .NET, CollabNet, Delphi, Development, DVCS - Distributed Version Control, git, OpenSSL, Power User, Ruby, Security, Software Development, Source Code Management, SourceTree, Subversion/SVN | 7 Comments »

Getting A or better grading on SSL Labs HTTPS tests

Posted by jpluimers on 2016/12/30

Now that everyone has had enough time to get proper TLS certificates using for instance LetsEncrypt, it’s time to up the ante: score better than an A on the SSL Labs tests from either their main site or dev site:

Here are some links to get there:


Posted in *nix, Apache2, Communications Development, Development, Encryption, Internet protocol suite, Let's Encrypt (letsencrypt/certbot), Power User, Security, TCP, TLS | Leave a Comment »

DNSSEC – Domainumzug mit Hindernissen / Blog / Privat – Lutz Donnerhacke

Posted by jpluimers on 2016/12/30

For my Link Archive: DNSSEC, Domainumzug mit Hindernissen / Blog / Privat – Lutz Donnerhacke.


via: Wenn man #DNSSEC mal richtig machen will, geht es komplett schief.

Posted in Power User | Leave a Comment »

%d bloggers like this: