An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum. https://github.com/Mbed-TLS/mbedtls/issues/8654
Created mbedtls tracking bugs for this issue: Affects: epel-all [bug 2259503] Affects: fedora-all [bug 2259504] Created micropython tracking bugs for this issue: Affects: fedora-all [bug 2259505] Created rust-psa-crypto-sys tracking bugs for this issue: Affects: fedora-all [bug 2259506]