Still Failing: openssl/openssl#29680 (OpenSSL_1_1_1-stable - 325c9ac)

Travis CI builds at
Mon Oct 28 14:41:26 UTC 2019

Build Update for openssl/openssl

Build: #29680
Status: Still Failing

Duration: 28 mins and 49 secs
Commit: 325c9ac (OpenSSL_1_1_1-stable)
Author: Matt Caswell
Message: Fix an s_server arbitrary file read issue on Windows

Running s_server in WWW mode on Windows can allow a client to read files
outside the s_server directory by including backslashes in the name, e.g.

GET /..\myfile.txt HTTP/1.0

There exists a check for this for Unix paths but it is not sufficient
for Windows.

Since s_server is a test tool no CVE is assigned.

Thanks to Jobert Abma for reporting this.

Reviewed-by: Richard Levitte <levitte at>
(Merged from

(cherry picked from commit 0a4d6c67480a4d2fce514e08d3efe571f2ee99c9)

View the changeset:

View the full build log and details:


You can unsubscribe from build emails from the openssl/openssl repository going to
Or unsubscribe from *all* email updating your settings at
Or configure specific recipients for build notifications in your .travis.yml file. See

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-commits mailing list