There is no "expected" version. mIRC uses whatever is installed by the user. Your initial post was wrong in that "the new mIRC" does not "use" the q release (in the sense that mIRC only supports that library). mIRC.com *provides* a precompiled OpenSSL binary installer as a convenience, because lots of people were having trouble installing the other popular OpenSSL packages out there (due to MSVC2005's CRT being linked but not available on a target system, for instance). Khaled decided to provide his own for users if they need it. You don't have to use it, and mIRC doesn't expect this version to be used; again, it's only released as a convenience for users.

Therefore, there is no way to know what the "expected" OpenSSL library should be, since mIRC has no specific expectation. Furthermore, it wouldn't make sense to say that "the version at the time of release is safe", because mIRC releases would not often be fast enough to keep up with new vulnerabilities. It would be wrong for mIRC to suggest, for instance, that "q" is "expected" just because that's what was available when 7.17 was released. This would be problematic if a vulnerability in q was discovered in the interim. Khaled does not update mIRC every time a new OpenSSL library is released. I think it's good enough to follow Collective's instructions to verify your libraries for yourself.