Fix and improve the change log

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Ronald Cron 2024-03-11 13:40:24 +01:00
parent 53dff7b0af
commit 44193fa573


@ -1,10 +1,10 @@
Security
* When negotiating TLS version on server side, do not fall back to the
TLS 1.2 implementation of the protocol if it is not enabled.
TLS 1.2 implementation of the protocol if it is disabled.
- If the TLS 1.2 implementation was disabled at build time, a TLS 1.2
client was able to put the TLS 1.3-only server in an infinite loop
processing a TLS 1.2 ClientHello, resulting in a Denial of Service.
Reported by Matthias Mucha and Thomas Blattmann, SICK AG.
client could put the TLS 1.3-only server in an infinite loop processing
a TLS 1.2 ClientHello, resulting in a denial of service. Reported by
Matthias Mucha and Thomas Blattmann, SICK AG.
- If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client
was able to successfully established a connection with the TLS 1.3-only
server. Reported by alluettiv on GitHub.
was able to successfully establish a TLS 1.2 connection with the server.
Reported by alluettiv on GitHub.
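
Review bot: the two sub-items are worded inconsistently after this change. The build-time item now reads "a TLS 1.2 client could put the TLS 1.3-only server in an infinite loop", while the runtime item keeps "was able to successfully establish"; use "could establish a TLS 1.2 connection" there as well, which also drops the redundant "successfully". Separately, the entry says TLS 1.2 was "disabled at build time" or "disabled at runtime" without naming the build option or the runtime setting involved, so a reader cannot tell from the change log alone whether their configuration is affected; naming both in the respective sub-items would make the security entry actionable.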