mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2024-12-29 09:21:19 +00:00
7 lines
397 B
Plaintext
7 lines
397 B
Plaintext
Security
|
|
* Restore the maximum TLS version to be negotiated to the configured one
|
|
when an SSL context is reset with the mbedtls_ssl_session_reset() API.
|
|
An attacker was able to prevent an Mbed TLS server from establishing any
|
|
TLS 1.3 connection potentially resulting in a Denial of Service or forced
|
|
version downgrade from TLS 1.3 to TLS 1.2. Fixes #8654 reported by hey3e.
|