DtWinVer v1.91

Just to let everyone know that v1.91 of DtWinVer has been released. Updates for this version include:

• Updated copyright details
• Updated code to compile cleanly using VS 2013
• Updated code to report failure when compiled under Windows RT i.e. when the WINAPI_FAMILY preprocessor value is anything other than WINAPI_FAMILY_DESKTOP_APP
• Added support to detect Windows 8.1 / 2012 R2 Update

CPJNPOP3Connection v1.50

Just to let everyone know that v1.50 of CPJNPOP3Connection has been released. Updates for this version include:

• The sample app is now linked against the latest OpenSSL v1.0.1g dlls. This version is the patched version of OpenSSL which does not suffer from the Heartbleed bug.
• Please note that by default OpenSSL does not do host name validation. The sample app provided with the PJNPOP3 code also does not do host name validation. This means that as it stands the sample app is vulnerable to man in the middle attacks if you use SSL/TLS to connect to a POP3 server. For further information and sample code which you should incorporate into your real POP3 client applications, please see http://wiki.openssl.org/index.php/Hostname_validation, https://github.com/iSECPartners/ssl-conservatory and http://archives.seul.org/libevent/users/Feb-2013/msg00043.html.

W3Mfc v1.97 (New release)

Just to let everyone know that v1.97 of W3Mfc & v1.37 of CThreadPoolServer has been re-released. Updates for this version include:

• The sample app is now linked against the latest OpenSSL v1.0.1g dlls. This version is the patched version of OpenSSL which does not suffer from the Heartbleed bug.

CPJNSMTPConnection v3.06

Just to let everyone know that a new version of v3.06 of CPJNSMTPConnection has been released. Updates for this version include:

• The sample app is now linked against the latest OpenSSL v1.0.1g dlls. This version is the patched version of OpenSSL which does not suffer from the Heartbleed bug.
• Please note that by default OpenSSL does not do host name validation. The sample app provided with the PJNSMTP code also does not do host name validation. This means that as it stands the sample app is vulnerable to man in the middle attacks if you use SSL/TLS to connect to a SMTP server. For further information and sample code which you should incorporate into your real SMTP client applications, please see http://wiki.openssl.org/index.php/Hostname_validation, https://github.com/iSECPartners/ssl-conservatory and http://archives.seul.org/libevent/users/Feb-2013/msg00043.html.