1. GnuTLSの深刻な脆弱性(CVE-2020-13777) 先日、GnuTLSで深刻な脆弱性が見つかりました。 GNUTLS-SA-2020-06-03: CVE-2020-13777 It was found that GnuTLS 3.6.4 introduced a regression in the TLS protocol implementation. This caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a MitM attacker to bypass authentication in TLS 1.3 and recover previous c
![求む!TLS1.3の再接続を完全に理解した方(Challenge CVE-2020-13777) - ぼちぼち日記](https://cdn-ak-scissors.b.st-hatena.com/image/square/9dea5669794c20fb2845b8bf9b2adb3d87132df0/height=288;version=1;width=512/https%3A%2F%2Fcdn-ak.f.st-hatena.com%2Fimages%2Ffotolife%2Fj%2Fjovi0608%2F20200613%2F20200613055805.png)