UbuntuUpdates.org

Package "dotnet6"




Name: dotnet6

Description:

dotNET CLI tools and runtime
Latest version: *DELETED*
Release: mantic (23.10)
Level: updates
Repository: universe
Homepage: https://dot.net/core

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "dotnet6"

APT INSTALL

Other versions of "dotnet6" in Mantic

Repository Area Version
base universe 6.0.121-0ubuntu1
security main 6.0.127-0ubuntu1~23.10.1
updates main 6.0.128-0ubuntu1~23.10.2
proposed main 6.0.129-0ubuntu1~23.10.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.0.124-0ubuntu1~23.10.1 2023-10-25 07:13:18 UTC

  dotnet6 (6.0.124-0ubuntu1~23.10.1) mantic-security; urgency=medium

  * New upstream release
  * SECURITY REGRESSION: regression update (LP: #2040207)
    - Addresses a regression previously introduced by the fix for
      CVE-2023-36799

 -- Nishit Majithia <email address hidden> Mon, 23 Oct 2023 12:21:44 +0530
Source diff to previous version
2040207 Update to 6.0.124
CVE-2023-36799 .NET Core and Visual Studio Denial of Service Vulnerability

Version: 6.0.123-0ubuntu1 2023-10-19 16:07:10 UTC

  dotnet6 (6.0.123-0ubuntu1) mantic-security; urgency=medium

  * New upstream release.
  * SECURITY UPDATE: denial of service
    - CVE-2023-44487: Denial of service - Kestrel server.
  * SECURITY UPDATE: denial of service
    - CVE-2023-36799: A vulnerability exists in .NET when processing X.509
      certificates that may result in Denial of Service.
  * debian/tests/cli-metadata-should-be-correct: updated regex for the Host
    Runtime Version check.
  * debian/rules: strip away -fstack-clash-protection flag and set
    -mbranch-protection=bti for arm64.

 -- Ian Constantin <email address hidden> Wed, 18 Oct 2023 16:22:12 +0300
CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consum ...
CVE-2023-36799 .NET Core and Visual Studio Denial of Service Vulnerability


About   -   Send Feedback to @ubuntu_updates