On 8/27/20 9:25 AM, Andre Heider wrote:
> Hi,
>
> On 26/08/2020 00:19, Hauke Mehrtens wrote:
>> This fixes the following security problems:
>> * In earlier versions of wolfSSL there exists a potential man in the
>> middle attack on TLS 1.3 clients.
>> * Denial of service attack on TLS 1.3
Hi,
On 26/08/2020 00:19, Hauke Mehrtens wrote:
This fixes the following security problems:
* In earlier versions of wolfSSL there exists a potential man in the
middle attack on TLS 1.3 clients.
* Denial of service attack on TLS 1.3 servers from repetitively sending
ChangeCipherSpecs
This fixes the following security problems:
* In earlier versions of wolfSSL there exists a potential man in the
middle attack on TLS 1.3 clients.
* Denial of service attack on TLS 1.3 servers from repetitively sending
ChangeCipherSpecs messages. (CVE-2020-12457)
* Potential cache timing