CVE-2017-7671

Priority
Description
There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to
5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can
cause the server to coredump.
Notes
Package
Upstream:released (7.1.2+ds-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (7.1.2+ds-2build1)
Ubuntu 19.10 (Eoan Ermine):not-affected (7.1.2+ds-2build1)
Ubuntu 20.04 (Focal Fossa):not-affected (7.1.2+ds-2build1)
Patches:
Upstream:https://github.com/apache/trafficserver/commit/15a4345bb017c56b1a35a43353ca4990d60b5c9b
More Information

Updated: 2020-04-24 03:44:11 UTC (commit d3f8a6ed481830fb100109a132bef581fc4176fe)