CVSROOT: /cvs Module name: src Changes by: [email protected] 2019/10/04 03:47:34
Modified files:
usr.bin/openssl: s_server.c
Log message:
Avoid a path traversal bug in s_server on Windows.
openssl s_server has an arbitrary read vulnerability on Windows when run with
the -WWW or -HTTP options, due to an incomplete path check logic. Thanks to
Jobert Abma for reporting.
ok tb@
