[ALSA-2024:3340] Important: .NET 7.0 security update
Type:
security
Severity:
important
Release date:
2024-05-29
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19. Security Fix(es): * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop() (CVE-2024-30046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el8_10.aarch64.rpm 28ddc52d793093c690b2620c69c62152c0c0e9af43cddee002265097cf1acc98
aarch64 dotnet-sdk-7.0-7.0.119-1.el8_10.aarch64.rpm 55fa22e366571b544fe8af3a5b8d150f3747d6c2bf3a7367409e4f37d2ddedda
aarch64 dotnet-targeting-pack-7.0-7.0.19-1.el8_10.aarch64.rpm 951fa0a59e3af94efb682d829f8174cc965b049600678fd5d36911a32d73797d
aarch64 dotnet-apphost-pack-7.0-7.0.19-1.el8_10.aarch64.rpm 9b7c77bea00780f6ec5fd0427724a56e194b0721be870dcb0465cf4bfc02fcc1
aarch64 dotnet-runtime-7.0-7.0.19-1.el8_10.aarch64.rpm b603e14058f1b9288577be793c2b5e37ccd62d0759359007344988a5c8a6befe
aarch64 dotnet-templates-7.0-7.0.119-1.el8_10.aarch64.rpm d51affc3c69cb9992d6dfa081645cc48aa0173f4a25288eb1e5733aef7311339
aarch64 aspnetcore-runtime-7.0-7.0.19-1.el8_10.aarch64.rpm eaa466f821309d65fe14610d1df28443e56fc81581c261a7f41615e10aeea927
aarch64 aspnetcore-targeting-pack-7.0-7.0.19-1.el8_10.aarch64.rpm fd37f33536dd7fb56d0ed3f97ef2391299aa1e8f5fcad96c3a17c6b0a699873b
aarch64 dotnet-hostfxr-7.0-7.0.19-1.el8_10.aarch64.rpm fe938307b4a9d0612376dbf944784dc468a17597caf60b7078aeb9b74a2e2cec
ppc64le dotnet-templates-7.0-7.0.119-1.el8_10.ppc64le.rpm 0fc9a69e66085da1d96033d99a3a383f26853efc13890acebf3421d4a32c00eb
ppc64le dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el8_10.ppc64le.rpm 1c6164c8778ad91cd72b53ca4509e21ed4391108d90806966d2bc6f1cf886ba4
ppc64le dotnet-hostfxr-7.0-7.0.19-1.el8_10.ppc64le.rpm 2ce8f59d7b17d885cb5abf0b672b053d1dfe3529ecbd784fa0948af060a09e1e
ppc64le dotnet-runtime-7.0-7.0.19-1.el8_10.ppc64le.rpm 75242e5b9797c63216fd45630a6358be07a58d4423cfd93f6bb498449820c7d0
ppc64le dotnet-sdk-7.0-7.0.119-1.el8_10.ppc64le.rpm 84371fb8401fdf80d4faf7df11bf49bf2acf565adaf26f625583ce3a7e4bafd8
ppc64le aspnetcore-targeting-pack-7.0-7.0.19-1.el8_10.ppc64le.rpm 8d66776843f8cf0e9de177a0c4460f8a409185bb1d5957381766358a4f608628
ppc64le dotnet-targeting-pack-7.0-7.0.19-1.el8_10.ppc64le.rpm b61d4f91ca24bebc8ad47bc6abac4d52edc27ddb9e73cd5c61862ec02ce3daa1
ppc64le aspnetcore-runtime-7.0-7.0.19-1.el8_10.ppc64le.rpm c01135d79457f905353eebbd08e094f5ab4f083430e0395c67bb5243d2895403
ppc64le dotnet-apphost-pack-7.0-7.0.19-1.el8_10.ppc64le.rpm dccd22aef3d879de37ae696a089cb921b27cac64695623715953b2e3c4199525
s390x dotnet-targeting-pack-7.0-7.0.19-1.el8_10.s390x.rpm 0753486d2dc815466ba3f99e8b56ef6ca4648b9dd0463f444898bda9f975a7aa
s390x dotnet-runtime-7.0-7.0.19-1.el8_10.s390x.rpm 07870326007d44cd0178f93c33aa0d12f5a3944f2a8c31f60ed9b58e00c3df6b
s390x dotnet-sdk-7.0-7.0.119-1.el8_10.s390x.rpm 38bc9011a3191e6684576a520cb02d2756178e657fea02af3553be4e021342a6
s390x aspnetcore-runtime-7.0-7.0.19-1.el8_10.s390x.rpm 57b9eb1598ee41ee4f1fd4344600ac1969b072ea7e146e58d70332d576b56178
s390x dotnet-templates-7.0-7.0.119-1.el8_10.s390x.rpm 7a35069445d33b76794e0d01ada0b38c69f01a6e038d1536f70b81f041b49b76
s390x dotnet-hostfxr-7.0-7.0.19-1.el8_10.s390x.rpm 9d0d10daa2014870d98c3a225d79b48298f2e02a1a30d8c2bbec12fb96f0b148
s390x aspnetcore-targeting-pack-7.0-7.0.19-1.el8_10.s390x.rpm c4b5a39f669564a38aa7aac1b061d047cf91458019d79316dfe692f0ed94c66b
s390x dotnet-apphost-pack-7.0-7.0.19-1.el8_10.s390x.rpm d2f104c6abfd408cf82c1dc16fa9222f2105257472d4eb1644b866baf049865b
s390x dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el8_10.s390x.rpm fca860ceb45647023c527968f69b36b81e87441c78b33f529188671f85964bb5
x86_64 aspnetcore-targeting-pack-7.0-7.0.19-1.el8_10.x86_64.rpm 295aca68ce661e83ad1675dc726552656a3a4640d0d9a755baa76f633e0da2ef
x86_64 aspnetcore-runtime-7.0-7.0.19-1.el8_10.x86_64.rpm 31e3be55221418f069071ef5c339ce642646c3ca5deb92194b50545db4d5d747
x86_64 dotnet-apphost-pack-7.0-7.0.19-1.el8_10.x86_64.rpm 80c3bdcc2f4c76c11a045133da428e2a1ea7479c898f823c1e81f6717bd3091c
x86_64 dotnet-runtime-7.0-7.0.19-1.el8_10.x86_64.rpm b7b50cda5e61a1b7771e8e50e7fecad39146cf86e5aa1b553ce3e8377017cc62
x86_64 dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el8_10.x86_64.rpm bd2bc5ea4e7b5dd890e0203e70fdf54853c40d8f22fd3daba12ad577a28406ae
x86_64 dotnet-targeting-pack-7.0-7.0.19-1.el8_10.x86_64.rpm be61c690325a85947292432c332542ff7ae1ee71d935b22729d369f1e4cae0c0
x86_64 dotnet-hostfxr-7.0-7.0.19-1.el8_10.x86_64.rpm d3cfefdb3afc82dcd3b246cab5ba83d3cedd7fd0e1c071218ee0fe15f37e59b3
x86_64 dotnet-sdk-7.0-7.0.119-1.el8_10.x86_64.rpm fc39cfe7544fdcc311c1094c1ee3a659912255af6fa3ef23dfb07f27976824b3
x86_64 dotnet-templates-7.0-7.0.119-1.el8_10.x86_64.rpm ffc60cf7782e438ea90406274df035c19150f926d27e2c3767b94f5b337bc0e8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.