diff options
author | Pauli <pauli@openssl.org> | 2022-05-04 13:01:35 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-11-21 10:49:51 +0100 |
commit | a8b6c9f83ce49b6192137c7600532441db885e19 (patch) | |
tree | 56b9f7d26c6c930dc16063c33e72ef2a424c5bda /NEWS.md | |
parent | 4a929c7c5cb06dcf1952691ee8732007cc1a41d4 (diff) |
tls: ban SSL3, TLS1, TLS1.1 and DTLS1.0 at security level one and above
This is in line with the NEWS entry (erroneously) announcing such for 3.0.
Fixes #18194
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18236)
(cherry picked from commit 7bf2e4d7f0c7ae19b7a8c416910886a7171e9820)
Diffstat (limited to 'NEWS.md')
-rw-r--r-- | NEWS.md | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -25,6 +25,7 @@ OpenSSL 3.1 * Fixed regressions introduced in 3.0.6 version. * Fixed two buffer overflows in punycode decoding functions. ([CVE-2022-3786]) and ([CVE-2022-3602]) + * SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0. OpenSSL 3.0 ----------- |