Описание
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wolfssl | fixed | 5.8.4-1 | package | |
| wolfssl | no-dsa | trixie | package | |
| wolfssl | no-dsa | bookworm | package | |
| wolfssl | postponed | bullseye | package |
Примечания
https://github.com/wolfSSL/wolfssl/pull/9395
Fixed by: https://github.com/wolfSSL/wolfssl/commit/58bd6a8d9431f16b3745cae4d4dd504a8c170eb0 (v5.8.4-stable)
Fixed by: https://github.com/wolfSSL/wolfssl/commit/f54ca0d481fae9bfa86011ff37d2911c824be073 (v5.8.4-stable)
Связанные уязвимости
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.