ALSA-2023:4059

[ALSA-2023:4059] Important: .NET 6.0 security, bug fix, and enhancement update

Type:

security

Severity:

important

Release date:

2023-07-14

Description:

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

The following packages have been upgraded to a later upstream version: dotnet6.0 (SDK 6.0.120, Runtime 6.0.20). (BZ#2219639)

Security Fix(es):

* dotnet: race condition in Core SignInManager PasswordSignInAsync method (CVE-2023-33170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	dotnet-targeting-pack-6.0-6.0.20-1.el8_8.aarch64.rpm	018c0a0bd3da792f15395e6f50c3ac1a7e183277b1a74a1d21cfbcdafb0ba2bf
aarch64	aspnetcore-runtime-6.0-6.0.20-1.el8_8.aarch64.rpm	05c42bc90e46335223d1ad33a67bb80c1855b5539e96e054b6729e9153af9f96
aarch64	dotnet-runtime-6.0-6.0.20-1.el8_8.aarch64.rpm	3f061d55c39b1f1f21c3c14d68376f2bc868556d949f2b25ed793eb11e466fad
aarch64	dotnet-apphost-pack-6.0-6.0.20-1.el8_8.aarch64.rpm	5ac9c1d25d81ab2818d5beb0ce0cc38b5d514b87476694a737ada789e98cb147
aarch64	dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el8_8.aarch64.rpm	77ee686778af64fb66d75c9801769f0c729422f9c874d418debf7eae8f8f45e5
aarch64	dotnet-sdk-6.0-6.0.120-1.el8_8.aarch64.rpm	a4f37a9f79df353846ab0326826b5422cc313f98812f81612b14bb0ff0a91c73
aarch64	dotnet-hostfxr-6.0-6.0.20-1.el8_8.aarch64.rpm	a7720ccf5ece100a0de832915e7370ddfb8455591d350acd27aace22627fe315
aarch64	dotnet-templates-6.0-6.0.120-1.el8_8.aarch64.rpm	be0e739f32fd13877ddbd2f0db28c7c5fc60085b17055e69e7ce58db742b0b9f
aarch64	aspnetcore-targeting-pack-6.0-6.0.20-1.el8_8.aarch64.rpm	cd9629beea1ff53247828e970056b93005dcc38f66846448771ef74a8c7469da
s390x	dotnet-apphost-pack-6.0-6.0.20-1.el8_8.s390x.rpm	1df7545475bfd785722737c693a8ef3e6e78613f36496687d982b8ed5d5d606f
s390x	aspnetcore-runtime-6.0-6.0.20-1.el8_8.s390x.rpm	23f5991fc4d9f1ad498884df2c1de31e35b5d6f2103d9ea1ed1a2b12d89f336e
s390x	dotnet-runtime-6.0-6.0.20-1.el8_8.s390x.rpm	65bf2dadad9659df4c12ec2b433cff264855c78f32d9c711a43962cafb254daa
s390x	dotnet-templates-6.0-6.0.120-1.el8_8.s390x.rpm	69f84f2508b2218426cc26db4f4f2629ffcda47532172f4dfa73804a3de3be63
s390x	dotnet-targeting-pack-6.0-6.0.20-1.el8_8.s390x.rpm	6d07d93e164c958a5d4d372162e851d85b7f207703d400718a486c9833b3189b
s390x	aspnetcore-targeting-pack-6.0-6.0.20-1.el8_8.s390x.rpm	998449fe31b4504d467280f37ef119514c5cfa72eb15d14c41fba552f293ef5b
s390x	dotnet-sdk-6.0-6.0.120-1.el8_8.s390x.rpm	aa116276f632c55579e9cf6532be059959a225a2212f3d74c8fae5edfcbea771
s390x	dotnet-hostfxr-6.0-6.0.20-1.el8_8.s390x.rpm	afab1f09282720c9f3ab0f24bcef544df8f977423d3b94366eac3779ff57732c
s390x	dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el8_8.s390x.rpm	b7bbc26e9eab218120a992aabefec10aae215007ba88e50269d1aa036215c789
x86_64	dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el8_8.x86_64.rpm	07c6b654474ca49319fb61eaee29eae04dfa738314ef78682758bbdd72bf0fc4
x86_64	aspnetcore-runtime-6.0-6.0.20-1.el8_8.x86_64.rpm	0a1bc0438f80e93b4cb07bc856904ab0e2d31b8dbd36ce7dc033e53e863465fa
x86_64	dotnet-templates-6.0-6.0.120-1.el8_8.x86_64.rpm	14d7904f6f7038e1b66ceb2e38db1d6967fedbeb67531f07c4a564df6850288e
x86_64	dotnet-sdk-6.0-6.0.120-1.el8_8.x86_64.rpm	356536be199f88253698e4e905de6dd778e9fb26cb99ae0bac909b5c27c75f3d
x86_64	dotnet-targeting-pack-6.0-6.0.20-1.el8_8.x86_64.rpm	509552f6422b3509c0e782c31458f4cad9c74f4437509015e13620a149dab597
x86_64	dotnet-apphost-pack-6.0-6.0.20-1.el8_8.x86_64.rpm	8d27a1fa87898bb45bb795942f35db19e1201f2d4ca09a678191444ca357a3e9
x86_64	dotnet-hostfxr-6.0-6.0.20-1.el8_8.x86_64.rpm	dc75e7645d8bbc049bdc30ba70733cd370066fc155107cb019f77958f6e0064d
x86_64	dotnet-runtime-6.0-6.0.20-1.el8_8.x86_64.rpm	eb5088b0b8051718858b42b7170a5aceb00b77a017eb115daf6b5396ebac5ed3
x86_64	aspnetcore-targeting-pack-6.0-6.0.20-1.el8_8.x86_64.rpm	f02a67b20d8a7e48eef87cdbc03acd6f795cc606a2b5b26f7232ce2b9c678b77

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.