mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-14 01:26:49 +00:00
Merge pull request #1187 from ronald-cron-arm/issue-1185
Add security change log for issue 1185
commit
e98a492cf5
10
ChangeLog.d/tls13-only-server.txt
Normal file
@ -0,0 +1,10 @@
|
||||
Security
|
||||
* When negotiating TLS version on server side, do not fall back to the
|
||||
TLS 1.2 implementation of the protocol if it is disabled.
|
||||
- If the TLS 1.2 implementation was disabled at build time, a TLS 1.2
|
||||
client could put the TLS 1.3-only server in an infinite loop processing
|
||||
a TLS 1.2 ClientHello, resulting in a denial of service. Reported by
|
||||
Matthias Mucha and Thomas Blattmann, SICK AG.
|
||||
- If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client
|
||||
was able to successfully establish a TLS 1.2 connection with the server.
|
||||
Reported by alluettiv on GitHub.
|
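Review bot: The second sub-item (TLS 1.2 disabled at runtime) says a TLS 1.2 client "was able to successfully establish a TLS 1.2 connection" but does not state the impact, whereas the first sub-item ends with "resulting in a denial of service". Consider saying explicitly that the server's TLS 1.3-only policy was not enforced, so a reader scanning for severity sees it as a version-restriction bypass. In both sub-items, "disabled at build time" and "disabled at runtime" would be easier to act on if they named the build option and the runtime configuration call concerned, so users can check whether their configuration is affected. The entry also gives no affected version range; if that is known, one line stating it would help downstream packagers decide on backports.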