UbuntuUpdates.org

Package "dotnet6"




Name: dotnet6

Description:

dotNET CLI tools and runtime
Latest version: *DELETED*
Release: mantic (23.10)
Level: security
Repository: universe
Homepage: https://dot.net/core

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "dotnet6"

APT INSTALL

Other versions of "dotnet6" in Mantic

Repository Area Version
base universe 6.0.121-0ubuntu1
security main 6.0.127-0ubuntu1~23.10.1
updates main 6.0.128-0ubuntu1~23.10.2
proposed main 6.0.129-0ubuntu1~23.10.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: *DELETED* 2024-04-21 00:06:57 UTC
No changelog for deleted or moved packages.

Version: 6.0.127-0ubuntu1~23.10.1 2024-02-13 22:06:52 UTC

  dotnet6 (6.0.127-0ubuntu1~23.10.1) mantic-security; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service
    - CVE-2024-21386: denial of service vector in SignalR server.
  * SECURITY UPDATE: denial of service
    - CVE-2024-21404: .NET with OpenSSL support is vulnerable to a denial of
      service when parsing X509 certificates.

 -- Nishit Majithia <email address hidden> Fri, 09 Feb 2024 10:42:40 +0530
Source diff to previous version
CVE-2024-21386 .NET Denial of Service Vulnerability
CVE-2024-21404 .NET Denial of Service Vulnerability

Version: 6.0.126-0ubuntu1~23.10.1 2024-01-11 15:07:11 UTC

  dotnet6 (6.0.126-0ubuntu1~23.10.1) mantic-security; urgency=medium

  * New upstream release
  * SECURITY UPDATE: validation bypass
    - CVE-2024-0057: X509 Certificates - Validation Bypass across Azure
  * SECURITY UPDATE: denial of service
    - CVE-2024-21319: Azure Identity - Pre-Authentication DoS in JWT

 -- Nishit Majithia <email address hidden> Thu, 04 Jan 2024 12:28:52 +0530
Source diff to previous version
CVE-2024-0057 NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-21319 Microsoft Identity Denial of service vulnerability

Version: 6.0.125-0ubuntu1~23.10.1 2023-11-14 21:09:49 UTC

  dotnet6 (6.0.125-0ubuntu1~23.10.1) mantic-security; urgency=medium

  [ Nishit Majithia ]
  * New upstream release
  * SECURITY UPDATE: security feature bypass
    - CVE-2023-36558: Security Feature Bypass in Blazor forms
  * SECURITY UPDATE: Arbitrary File Write and Deletion
    - CVE-2023-36049: Microsoft .NET FormatFtpCommand CRLF Injection
      Arbitrary File Write and Deletion

 -- Ian Constantin <email address hidden> Mon, 13 Nov 2023 15:38:02 +0200
Source diff to previous version

Version: 6.0.124-0ubuntu1~23.10.1 2023-10-25 05:12:41 UTC

  dotnet6 (6.0.124-0ubuntu1~23.10.1) mantic-security; urgency=medium

  * New upstream release
  * SECURITY REGRESSION: regression update (LP: #2040207)
    - Addresses a regression previously introduced by the fix for
      CVE-2023-36799

 -- Nishit Majithia <email address hidden> Mon, 23 Oct 2023 12:21:44 +0530
2040207 Update to 6.0.124
CVE-2023-36799 .NET Core and Visual Studio Denial of Service Vulnerability


About   -   Send Feedback to @ubuntu_updates