1
Candidate: CVE-2017-9789
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9789
5
https://httpd.apache.org/security/vulnerabilities_24.html
6
https://lists.apache.org/thread.html/9d0098775bd83cf7c33ac5a077ef412c14ce939198921e639c734e20@%3Cannounce.httpd.apache.org%3E
8
When under stress, closing many connections, the HTTP/2 handling code in
9
Apache httpd 2.4.26 would sometimes access memory after it has been freed,
10
resulting in potentially erratic behaviour.
13
sbeattie> HTTP/2 support has not been enabled in Ubuntu builds of apache
20
upstream_apache2: released (2.4.27)
21
precise/esm_apache2: not-affected (HTTP/2 disabled)
22
trusty_apache2: not-affected (HTTP/2 disabled)
23
vivid/ubuntu-core_apache2: DNE
24
xenial_apache2: not-affected (HTTP/2 disabled)
25
yakkety_apache2: not-affected (HTTP/2 disabled)
26
zesty_apache2: not-affected (HTTP/2 disabled)
27
devel_apache2: released (2.4.27-2ubuntu2)