Diffstat (limited to 'ChangeLog.d/tls13-only-server.txt')
-rw-r--r-- | ChangeLog.d/tls13-only-server.txt | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/ChangeLog.d/tls13-only-server.txt b/ChangeLog.d/tls13-only-server.txt deleted file mode 100644 index 736896e..0000000 --- a/ChangeLog.d/tls13-only-server.txt +++ /dev/null @@ -1,11 +0,0 @@ -Security - * When negotiating TLS version on server side, do not fall back to the - TLS 1.2 implementation of the protocol if it is disabled. - - If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 - client could put the TLS 1.3-only server in an infinite loop processing - a TLS 1.2 ClientHello, resulting in a denial of service. Reported by - Matthias Mucha and Thomas Blattmann, SICK AG. - - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client - was able to successfully establish a TLS 1.2 connection with the server. - Reported by alluettiv on GitHub. - Fixes CVE-2024-28836. |
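Review bot: The deletion of all 11 lines of ChangeLog.d/tls13-only-server.txt removes a Security entry that carries the CVE-2024-28836 reference and both reporter credits, and nothing in this view shows where that text ends up, because the diffstat is limited to this one file. Please confirm the entry is carried over unchanged into the assembled changelog in the same commit. The two cases should stay separate there: the build-time case (a TLS 1.2 ClientHello putting a TLS 1.3-only server in an infinite loop, a denial of service) and the runtime case (a TLS 1.2 connection succeeding although TLS 1.2 was disabled), since they differ in impact and in which configurations are affected.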