Candidate: CVE-2018-8022
PublicDate: 2018-08-29 13:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8022
 http://www.openwall.com/lists/oss-security/2018/08/29/1
 https://github.com/apache/trafficserver/pull/2147
Description:
 A carefully crafted invalid TLS handshake can cause Apache Traffic Server
 (ATS) to segfault. This affects version 6.2.2. To resolve this issue users
 running 6.2.2 should upgrade to 6.2.3 or later versions.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_trafficserver:
upstream_trafficserver: released (7.0.0-1)
precise/esm_trafficserver: DNE
trusty_trafficserver: ignored (reached end-of-life)
trusty/esm_trafficserver: DNE (trusty was needs-triage)
xenial_trafficserver: ignored (end of standard support, was needs-triage)
bionic_trafficserver: not-affected (7.1.2+ds-3)
cosmic_trafficserver: not-affected
disco_trafficserver: not-affected
eoan_trafficserver: not-affected
focal_trafficserver: not-affected
groovy_trafficserver: not-affected
hirsute_trafficserver: not-affected
impish_trafficserver: not-affected
jammy_trafficserver: not-affected
devel_trafficserver: not-affected