ALSA-2022:6058

[ALSA-2022:6058] Moderate: .NET 6.0 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2022-08-17

Description:

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.108 and .NET Runtime 6.0.8.
Security Fix(es):
* dotnet: External Entity Injection during XML signature verification (CVE-2022-34716)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	aspnetcore-runtime-6.0-6.0.8-1.el8_6.aarch64.rpm	0af456074f940fd56172055add0f4e3d6330aa5bdeaeb40fb84ccfc45ec7088b
aarch64	dotnet-host-6.0.8-1.el8_6.aarch64.rpm	1fb204ab1093eb348cc44002c39584f85a787790da4cf07bfb76a68348dbaf32
aarch64	dotnet-hostfxr-6.0-6.0.8-1.el8_6.aarch64.rpm	28d0fc7cedd566e3166c7849a6a8e1e9f68877d94bff1ce7131a298dcdd76f72
aarch64	dotnet-sdk-6.0-6.0.108-1.el8_6.aarch64.rpm	4e29b85c84133fafe42b6748e960a7bcfdc6e878d2418d730fb6f976424fa84c
aarch64	dotnet-targeting-pack-6.0-6.0.8-1.el8_6.aarch64.rpm	56b4541f8c91e74f01cfa039caede028165dc8eaac6bf7ab1424b17891615d6d
aarch64	netstandard-targeting-pack-2.1-6.0.108-1.el8_6.aarch64.rpm	8e910986dc686553f446778d80fcf3a8fe052b93b6f28696e9e3b46f8a2b811a
aarch64	dotnet-apphost-pack-6.0-6.0.8-1.el8_6.aarch64.rpm	cee5d8cefe6ae7a2d40a5a9be8e4892c5c4a666af9ad1a2f273bf85a910ac9dd
aarch64	dotnet-sdk-6.0-source-built-artifacts-6.0.108-1.el8_6.aarch64.rpm	d26dec17ff34f9ea4f40432d37874751d61b0b622047d08816dbe8a87b9d0740
aarch64	dotnet-runtime-6.0-6.0.8-1.el8_6.aarch64.rpm	d6c2082b99994c9338ba917c0d60ada62547a63f7da1a3517db678875d6ff1a2
aarch64	dotnet-6.0.108-1.el8_6.aarch64.rpm	e5c7f189b722ac703c02db7c25aa2b81f89e39a6c9669d77256c238716b7b877
aarch64	aspnetcore-targeting-pack-6.0-6.0.8-1.el8_6.aarch64.rpm	ed540d65088654f8018c263652940d4c71a58c03254aeac9ce2f0ba90433a2f5
aarch64	dotnet-templates-6.0-6.0.108-1.el8_6.aarch64.rpm	ff1edca8db6d41e5cfb1a894e58f5ad41d2e73638d0599e504ce7c334039ba0b
x86_64	netstandard-targeting-pack-2.1-6.0.108-1.el8_6.x86_64.rpm	02c416b7cb44907a100787b659aaddc2d60abe4a5b8e44ff6b7a75bcd44dbf12
x86_64	dotnet-sdk-6.0-source-built-artifacts-6.0.108-1.el8_6.x86_64.rpm	06bb3391d14ca00ce7f3a720c21724ccf18fdeae8ef0186d8f2c40f52be4d021
x86_64	dotnet-sdk-6.0-6.0.108-1.el8_6.x86_64.rpm	135dfa9156a4c66ea59b6d45056c8aaa9de4d71519e1761b278933bd28361de6
x86_64	aspnetcore-targeting-pack-6.0-6.0.8-1.el8_6.x86_64.rpm	22cf1073630449213a5b207eca5d9d162665e2d7afb325203f3e103d3982364f
x86_64	dotnet-6.0.108-1.el8_6.x86_64.rpm	3442e8e1a8835e0211b8a9f3a34d66f567ebe1147137b4c0ec87e3466535c19d
x86_64	dotnet-apphost-pack-6.0-6.0.8-1.el8_6.x86_64.rpm	3b6438e103545f66ef88d3565d45d68eec4ff3e5ed46d235e37900fa877be06a
x86_64	dotnet-host-6.0.8-1.el8_6.x86_64.rpm	4ed248d0e34b311a3911341868ed83615f89e96be2f96ef76e12d50d180c60e9
x86_64	dotnet-templates-6.0-6.0.108-1.el8_6.x86_64.rpm	b77327acee67ac72f81dca53e14b5ee25dbf95d192afe75764a4f5f9d8e43a31
x86_64	dotnet-hostfxr-6.0-6.0.8-1.el8_6.x86_64.rpm	d8fe80002a55900325ac4273c91e7693eb62f11b7a2f098ecd46f0a611e83c6d
x86_64	aspnetcore-runtime-6.0-6.0.8-1.el8_6.x86_64.rpm	e87789e846bee133c6d5c71c9251ea86d2c5d7a29fb496bd8617ab0662cb9fb9
x86_64	dotnet-targeting-pack-6.0-6.0.8-1.el8_6.x86_64.rpm	e92050008aa51e2a8b5648a4d5c35029b3856cf56979178a7e5cf977e8b56b4d
x86_64	dotnet-runtime-6.0-6.0.8-1.el8_6.x86_64.rpm	eff401e84bd4e44be353a0ebc8952f9fed1d42b8141f69eac0ca5bee951b2ed7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.