Thanks for the fix and workarounds.
I have a question out of curiosity about the first workaround suggested.
In the tcpdump(attached in this mail) and also in the "client hello" attached with the bug, I could see TLS 1.2 is mentioned as the protocol being used for the communication.
So, my question is, if communication is already happening with TLS 1.2, then how would negotiating to TLS 1.2 solve the problem?
Or the server is still in the process of choosing the TLS version (since the server knows about the versions supported by the client in the "client hello" message) ?
Please, put some light on it and help me understand.