mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-05 16:13:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve change log

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2024-03-07 09:01:19 +01:00
parent 130bfe7799
commit e301813da4
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog.d/tls13-only-server-infinite-loop.txt
View File

@ -1,6 +1,5 @@
Security
* Fixed a critical denial of service in TLS 1.3 only server (TLS 1.2 support
disabled at build time): a TLS client could put the TLS 1.3 only server in
a infinite loop processing a TLS 1.2 ClientHello. The default
configuration is not affected. Reported by Matthias Mucha and Thomas
Blattmann, SICK AG.
* Fixed a denial of service in TLS 1.3-only server (TLS 1.2 support
disabled at build time): a TLS client could put the TLS 1.3-only server in
an infinite loop processing a TLS 1.2 ClientHello. Reported by Matthias
Mucha and Thomas Blattmann, SICK AG.