Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.1.1b

Description The issue concerns a bug in DTLS over SCTP, which breaks interoperability with older versions of OpenSSL, such as OpenSSL 1.1.0 and OpenSSL 1.0.2. Additionally, there were changes made to the info callback signals for the start and end of a post-handshake message exchange in TLSv1.3, and the handling of strerror r with glibc was fixed.

Recommendations Update to version 1.1.1b to fix the issues. As a temporary workaround, consider restricting the use of DTLS over SCTP until the update is applied.