CVE-2017-9789

Priority
Description
When under stress, closing many connections, the HTTP/2 handling code in
Apache httpd 2.4.26 would sometimes access memory after it has been freed,
resulting in potentially erratic behaviour.
Notes
sbeattieHTTP/2 support has not been enabled in Ubuntu builds of apache
Package
Upstream:released (2.4.27)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (HTTP/2 disabled)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (HTTP/2 disabled)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (HTTP/2 disabled)
More Information

Updated: 2020-09-10 05:47:29 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)