UbuntuUpdates.org

Package "dotnet6"

Name: dotnet6

Description:

dotNET CLI tools and runtime
Latest version: 6.0.127-0ubuntu1~22.04.1
Release: jammy (22.04)
Level: security
Repository: universe
Homepage: https://dot.net/core

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "dotnet6"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "dotnet6" in Jammy

Repository Area Version
updates universe 6.0.128-0ubuntu1~22.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.0.127-0ubuntu1~22.04.1 2024-02-13 23:06:52 UTC

  dotnet6 (6.0.127-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service
    - CVE-2024-21386: denial of service vector in SignalR server.
  * SECURITY UPDATE: denial of service
    - CVE-2024-21404: .NET with OpenSSL support is vulnerable to a denial of
      service when parsing X509 certificates.

 -- Nishit Majithia <email address hidden> Fri, 09 Feb 2024 10:40:34 +0530
Source diff to previous version
CVE-2024-21386 .NET Denial of Service Vulnerability
CVE-2024-21404 .NET Denial of Service Vulnerability

Version: 6.0.126-0ubuntu1~22.04.1 2024-01-11 15:07:01 UTC

  dotnet6 (6.0.126-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release
  * SECURITY UPDATE: validation bypass
    - CVE-2024-0057: X509 Certificates - Validation Bypass across Azure
  * SECURITY UPDATE: denial of service
    - CVE-2024-21319: Azure Identity - Pre-Authentication DoS in JWT

 -- Nishit Majithia <email address hidden> Thu, 04 Jan 2024 10:00:44 +0530
Source diff to previous version
CVE-2024-0057 NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-21319 Microsoft Identity Denial of service vulnerability

Version: 6.0.125-0ubuntu1~22.04.1 2023-11-14 21:09:45 UTC

  dotnet6 (6.0.125-0ubuntu1~22.04.1) jammy-security; urgency=medium

  [ Nishit Majithia ]
  * New upstream release
  * SECURITY UPDATE: security feature bypass
    - CVE-2023-36558: Security Feature Bypass in Blazor forms
  * SECURITY UPDATE: Arbitrary File Write and Deletion
    - CVE-2023-36049: Microsoft .NET FormatFtpCommand CRLF Injection
      Arbitrary File Write and Deletion

 -- Ian Constantin <email address hidden> Mon, 13 Nov 2023 15:37:51 +0200
Source diff to previous version

Version: 6.0.124-0ubuntu1~22.04.1 2023-10-25 05:12:38 UTC

  dotnet6 (6.0.124-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release
  * SECURITY REGRESSION: regression update (LP: #2040207)
    - Addresses a regression previously introduced by the fix for
      CVE-2023-36799

 -- Nishit Majithia <email address hidden> Mon, 23 Oct 2023 11:41:09 +0530
Source diff to previous version
2040207 Update to 6.0.124
CVE-2023-36799 .NET Core and Visual Studio Denial of Service Vulnerability

Version: 6.0.123-0ubuntu1~22.04.1 2023-10-10 19:07:12 UTC

  dotnet6 (6.0.123-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release.
  * SECURITY UPDATE: denial of service
    - CVE-2023-44487: Denial of service - Kestrel server.

 -- Ian Constantin <email address hidden> Wed, 04 Oct 2023 23:02:16 +0300


About   -   Send Feedback to @ubuntu_updates