UbuntuUpdates.org

Package "dotnet8"

Name: dotnet8

Description:

.NET CLI tools and runtime

Latest version: 8.0.105-8.0.5-0ubuntu1~23.10.1
Release: mantic (23.10)
Level: security
Repository: main
Homepage: https://dot.net

Links


Download "dotnet8"


Other versions of "dotnet8" in Mantic

Repository Area Version
updates main 8.0.105-8.0.5-0ubuntu1~23.10.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 8.0.105-8.0.5-0ubuntu1~23.10.1 2024-05-15 15:07:00 UTC

  dotnet8 (8.0.105-8.0.5-0ubuntu1~23.10.1) mantic-security; urgency=medium

  * New upstream release
  * SECURITY UPDATE: stack buffer overflow
    - CVE-2024-30045: a stack based buffer overflow in the .NET Double Parse
      routine allows for remote code execution.
  * SECURITY UPDATE: resource dead-lock
    - CVE-2024-30046: a dead-lock in Http2OutputProducer.Stop() results in a
      denial of service.

 -- Ian Constantin <email address hidden> Thu, 09 May 2024 17:16:34 +0300

Source diff to previous version
CVE-2024-30045 .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-30046 Visual Studio Denial of Service Vulnerability

Version: 8.0.103-8.0.3-0ubuntu1~23.10.1 2024-04-19 00:07:16 UTC

  dotnet8 (8.0.103-8.0.3-0ubuntu1~23.10.1) mantic-security; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service
    - CVE-2024-21392: DoS in .NET Core / YARP HTTP / 2 WebSocket support.

 -- Ian Constantin <email address hidden> Fri, 08 Mar 2024 10:26:20 +0200

CVE-2024-21392 .NET and Visual Studio Denial of Service Vulnerability



About   -   Send Feedback to @ubuntu_updates