Fix and improve the change log

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Ronald Cron 2024-03-11 13:40:24 +01:00
parent 53dff7b0af
commit 44193fa573

@ -1,10 +1,10 @@
Security Security
* When negotiating TLS version on server side, do not fallback to the * When negotiating TLS version on server side, do not fall back to the
TLS 1.2 implementation of the protocol if it is not enabled. TLS 1.2 implementation of the protocol if it is disabled.
- If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 - If the TLS 1.2 implementation was disabled at build time, a TLS 1.2
client was able to put the TLS 1.3-only server in an infinite loop client could put the TLS 1.3-only server in an infinite loop processing
processing a TLS 1.2 ClientHello, resulting in a Denial of Service. a TLS 1.2 ClientHello, resulting in a denial of service. Reported by
Reported by Matthias Mucha and Thomas Blattmann, SICK AG. Matthias Mucha and Thomas Blattmann, SICK AG.
- If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client
was able to successfully established a connection with the TLS 1.3-only was able to successfully establish a TLS 1.2 connection with the server.
server. Reported by alluettiv on GitHub. Reported by alluettiv on GitHub.
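Review bot: In the second sub-bullet (the runtime case), the new text still says "was able to successfully establish", while the first sub-bullet was reworded to "could put", and it drops the "TLS 1.3-only" qualifier that the first sub-bullet keeps on "server". Suggest "a TLS 1.2 client could establish a TLS 1.2 connection with the TLS 1.3-only server", so both sub-bullets are phrased the same way and the entry still makes clear that the connection succeeded on a server where TLS 1.2 had been disabled. The added "TLS 1.2 connection" is a good clarification and should stay.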