UbuntuUpdates.org

Package "dotnet6"

Name: dotnet6

Description:

dotNET CLI tools and runtime

Latest version: 6.0.113-0ubuntu1~22.04.1
Release: jammy (22.04)
Level: updates
Repository: universe
Homepage: https://dot.net/core

Links


Download "dotnet6"


Other versions of "dotnet6" in Jammy

Repository Area Version
security universe 6.0.113-0ubuntu1~22.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.0.113-0ubuntu1~22.04.1 2023-01-10 22:06:39 UTC

  dotnet6 (6.0.113-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release.
  * SECURITY UPDATE: denial of service
    - CVE-2023-21538: Parsing an empty HTTP response as a JSON.NET JObject
      causes a stack overflow and crashes a process.

 -- Ian Constantin <email address hidden> Mon, 09 Jan 2023 22:04:18 +0200

Source diff to previous version
CVE-2023-21538 RESERVED

Version: 6.0.111-0ubuntu1~22.04.1 2022-11-28 19:06:23 UTC

  dotnet6 (6.0.111-0ubuntu1~22.04.1) jammy; urgency=medium

  * New upstream release.
  * d/build-dotnet-tarball-sh: No removing libunwind needed by arm64.
  * d/control: building for arm64 too.
  * d/copyright: Non excluding libunwind needed by arm64..
  * d/dotnet-host.install.in: Removing manpages and bash-completion.
  * d/dotnet-host.links.in: New file for dotnet binary.
  * d/dotnet-host.preinst: New file for removing alternatives.
  * d/dotnet-host.manpages : New file.
  * d/dotnet-host.lintian-overrides: New file for man page warnings
    that are being fixed in upstream.
  * d/p/remove-libunwind-build.patch : Modified to apply depending
    on architecture.
  * d/rules:
    + DOTNETLIBDIR is now only DOTNET_TOP
    + Adding --with bash-completion
    + Eliminating dependants creation for alternatives.
    + Eliminating manual installation of man pages.
    (LP: #1996499)

 -- Miriam España Acebal <email address hidden> Mon, 31 Oct 2022 14:32:47 +0200

Source diff to previous version
1996499 [SRU] Upstream microrelease, arm64 bootstrap and file layout changes for upcoming dotnet7 release

Version: 6.0.110-0ubuntu1~22.04.1 2022-10-11 22:06:23 UTC

  dotnet6 (6.0.110-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release.
  * SECURITY UPDATE: cache poisoning
    - CVE-2022-41032: Nuget cache poisoning via world-writable cache directory.

  [ Miriam España Acebal ]
  * d/rules: _minor_sdk_version calculation updated to parse last two digits.

 -- Ian Constantin <email address hidden> Tue, 11 Oct 2022 11:21:24 -0400

Source diff to previous version
CVE-2022-41032 NuGet Client Elevation of Privilege Vulnerability. ...

Version: 6.0.109-0ubuntu1~22.04.1 2022-09-13 22:06:15 UTC

  dotnet6 (6.0.109-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * New upstream release.
  * SECURITY UPDATE: denial of service
    - CVE-2022-38013: ASP.NET Core MVC vulnerable to stack overflow via
      ModelStateDictionary recursion.
  * d/control: removed the libunwind-13 dependency for dotnet-runtime-6.0
    (LP: 1984450)
  * d/README.source: updated with info regarding private repo use.

 -- Ian Constantin <email address hidden> Mon, 12 Sep 2022 17:38:40 -0400

Source diff to previous version
CVE-2022-38013 .NET Core and Visual Studio Denial of Service Vulnerability. ...

Version: 6.0.108-0ubuntu1~22.04.1 2022-08-10 10:06:17 UTC

  dotnet6 (6.0.108-0ubuntu1~22.04.1) jammy; urgency=medium

  * Backport to jammy (LP: #1983380).
  * New upstream release.
  * SECURITY UPDATE
    - CVE-2022-34716: External Entity Injection during XML signature
      verification

1983380 Backport 6.0.107 to jammy
CVE-2022-34716 RESERVED



About   -   Send Feedback to @ubuntu_updates