[openssl-commits] Still Failing: openssl/openssl#4815 (OpenSSL_1_0_2-stable - 77857dd)
Travis CI
builds at travis-ci.org
Fri Jul 1 22:33:38 UTC 2016
Build Update for openssl/openssl
-------------------------------------
Build: #4815
Status: Still Failing
Duration: 17 minutes and 43 seconds
Commit: 77857dd (OpenSSL_1_0_2-stable)
Author: Matt Caswell
Message: Avoid an overflow in constructing the ServerKeyExchange message
We calculate the size required for the ServerKeyExchange message and then
call BUF_MEM_grow_clean() on the buffer. However we fail to take account of
2 bytes required for the signature algorithm and 2 bytes for the signature
length, i.e. we could overflow by 4 bytes. In reality this won't happen
because the buffer is pre-allocated to a large size that means it should be
big enough anyway.
Addresses an OCAP Audit issue.
Reviewed-by: Rich Salz <rsalz at openssl.org>
View the changeset: https://github.com/openssl/openssl/compare/cbffd2d9ca91...77857ddcca41
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/141695903
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-commits/attachments/20160701/1bc3deb9/attachment.html>
More information about the openssl-commits
mailing list