Package "dotnet-runtime-6.0"

Name:	dotnet-runtime-6.0
Description:	dotNET runtime
Latest version:	6.0.135-0ubuntu1~22.04.1
Release:	jammy (22.04)
Level:	security
Repository:	main
Head package:	dotnet6
Homepage:	https://dot.net/core

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "dotnet-runtime-6.0"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "dotnet-runtime-6.0" in Jammy

Repository	Area	Version
updates	main	6.0.135-0ubuntu1~22.04.1
proposed	main	6.0.136-0ubuntu1~22.04.1

Changelog

Version: 6.0.135-0ubuntu1~22.04.1 2024-10-08 20:07:05 UTC

Version: 6.0.135-0ubuntu1~22.04.1	2024-10-08 20:07:05 UTC
dotnet6 (6.0.135-0ubuntu1~22.04.1) jammy-security; urgency=medium * New upstream release * SECURITY UPDATE: denial of service - CVE-2024-43483: Multiple .NET components designed to process hostile input are susceptible to hash flooding attacks. * SECURITY UPDATE: denial of service - CVE-2024-43484: System.IO.Packaging - Multiple DoS vectors in use of SortedList. * SECURITY UPDATE: denial of service - CVE-2024-43485: Denial of Service attack against System.Text.Json ExtensionData feature. -- Nishit Majithia <email address hidden> Fri, 04 Oct 2024 20:46:48 +0530
Source diff to previous version

dotnet6 (6.0.135-0ubuntu1~22.04.1) jammy-security; urgency=medium * New upstream release * SECURITY UPDATE: denial of service - CVE-2024-43483: Multiple .NET components designed to process hostile input are susceptible to hash flooding attacks. * SECURITY UPDATE: denial of service - CVE-2024-43484: System.IO.Packaging - Multiple DoS vectors in use of SortedList. * SECURITY UPDATE: denial of service - CVE-2024-43485: Denial of Service attack against System.Text.Json ExtensionData feature. -- Nishit Majithia <email address hidden> Fri, 04 Oct 2024 20:46:48 +0530

Source diff to previous version

Version: 6.0.132-0ubuntu1~22.04.1 2024-07-09 22:07:14 UTC

dotnet6 (6.0.132-0ubuntu1~22.04.1) jammy-security; urgency=medium * New upstream release * SECURITY UPDATE: denial of service - CVE-2024-38095: Denial of service in parsing X.509 Content and ObjectIdentifiers. * debian/eng/build-dotnet-tarball.sh: SECURITY_PARTNERS_REPOSITORY connection method updated. -- Nishit Majithia <email address hidden> Thu, 04 Jul 2024 10:23:31 +0530

Source diff to previous version

CVE-2024-38095

.NET and Visual Studio Denial of Service Vulnerability

Version: 6.0.127-0ubuntu1~22.04.1 2024-04-18 23:07:11 UTC

dotnet6 (6.0.127-0ubuntu1~22.04.1) jammy-security; urgency=medium * New upstream release * SECURITY UPDATE: denial of service - CVE-2024-21386: denial of service vector in SignalR server. * SECURITY UPDATE: denial of service - CVE-2024-21404: .NET with OpenSSL support is vulnerable to a denial of service when parsing X509 certificates. -- Nishit Majithia <email address hidden> Fri, 09 Feb 2024 10:40:34 +0530

CVE-2024-21386	.NET Denial of Service Vulnerability
CVE-2024-21404	.NET Denial of Service Vulnerability

About - Send Feedback to @ubuntu_updates

Package "dotnet-runtime-6.0"

Links

Download "dotnet-runtime-6.0"

Other versions of "dotnet-runtime-6.0" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates