Apache Traffic Server before versions 6.2.2 and 7.1.2 are have a vulnerability in the TLS handshake performed in SSLNetVConnection.cc which can lead to a crash and resulting denial of service. External References: https://lists.apache.org/thread.html/203bdcf9bbb718f3dc6f7aaf3e2af632474d51fa9e7bfb7832729905@%3Cdev.trafficserver.apache.org%3E Upstream Pull Request: https://github.com/apache/trafficserver/pull/1941
Created trafficserver tracking bugs for this issue: Affects: fedora-all [bug 1550782] Affects: epel-all [bug 1550783]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.