[ALSA-2023:0077] Moderate: .NET 6.0 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2023-01-12
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). (BZ#2154459) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 dotnet-sdk-6.0-6.0.113-1.el9_1.aarch64.rpm 09923d28bb33dc0aec7c242de4b02d89328679d82f069c959009fdc6b2b27ed7
aarch64 aspnetcore-targeting-pack-6.0-6.0.13-1.el9_1.aarch64.rpm 49d26d771ba13a414b649e5efbd9d7962e9877d6cab229c3f406ecaca4a908d7
aarch64 dotnet-targeting-pack-6.0-6.0.13-1.el9_1.aarch64.rpm 8c1baa4b2a0739faadf98d3f2c0fbac57a5c727e8728fbf84b71d86a7a709b9a
aarch64 aspnetcore-runtime-6.0-6.0.13-1.el9_1.aarch64.rpm a316198e2df12aeb75ae3fc31b90d5b10470e7cbbddc28bc3c859598e1d22454
aarch64 dotnet-hostfxr-6.0-6.0.13-1.el9_1.aarch64.rpm b4941cec76dc2f7b2ccd4c0780046d0feb262a23d2e9cb203afaa2b06622295d
aarch64 dotnet-templates-6.0-6.0.113-1.el9_1.aarch64.rpm b7c4599cd52e71666bfd7d4616fea307811ab9e21c1c2d2d9d3dbe4c035c96a3
aarch64 dotnet-runtime-6.0-6.0.13-1.el9_1.aarch64.rpm bdba1bbf724f1f09a33fc0dcc778660d1e61862e70a06f2ead4a3615534b0f3a
aarch64 dotnet-apphost-pack-6.0-6.0.13-1.el9_1.aarch64.rpm d81bad845a290ca25abc3be51a89f7646585159969c78d0d943fdca78e38be02
aarch64 dotnet-sdk-6.0-source-built-artifacts-6.0.113-1.el9_1.aarch64.rpm e935d0c6b13896e348f80afcd0954e99f7aa7030413d5a756bb953f5e809da18
s390x dotnet-runtime-6.0-6.0.13-1.el9_1.s390x.rpm 0b18e10471be45bc10730e334d624c2c463f0f620e992a7c280aad6381b8e828
s390x dotnet-sdk-6.0-6.0.113-1.el9_1.s390x.rpm 1263551d531aa44ad86054f14f2718770f556c601bf0512c33f86b95275b303d
s390x aspnetcore-targeting-pack-6.0-6.0.13-1.el9_1.s390x.rpm 4327a41a3b7829c3d58eb772f63094a3b60da8a948df3a58c402a94b861bfc88
s390x dotnet-templates-6.0-6.0.113-1.el9_1.s390x.rpm 57298585f45512aa53d9e7e9132101a04f82415c161af67cc8a38c8ea8fa0918
s390x dotnet-hostfxr-6.0-6.0.13-1.el9_1.s390x.rpm 597c8c55a4b3ab640adfb040c8ced90bbbf98f9c17c6bf027c597f367578419a
s390x dotnet-targeting-pack-6.0-6.0.13-1.el9_1.s390x.rpm 794f4b0b8185c84f6ecd6c13ae9ca320d481cb0a95a02508a9961b5481ba1cbb
s390x dotnet-sdk-6.0-source-built-artifacts-6.0.113-1.el9_1.s390x.rpm b17f55a9a53b6e8b23e2a74ea58cab8f53307ec0061d3e6028c8f5762540a45d
s390x aspnetcore-runtime-6.0-6.0.13-1.el9_1.s390x.rpm b1b486d2821debec64561aa48977893a2d6c7c543e64d00769ef8cd38a80a3fa
s390x dotnet-apphost-pack-6.0-6.0.13-1.el9_1.s390x.rpm f4fc35d18bfe8dfcae6a19a79073296d3cfedf64b87d9ecd558f37c7e88c0df6
x86_64 dotnet-runtime-6.0-6.0.13-1.el9_1.x86_64.rpm 207ee23162afbf69c934f78411fa4f331501fd4437b97a4abd404d33bfdabecc
x86_64 aspnetcore-runtime-6.0-6.0.13-1.el9_1.x86_64.rpm 3599cf5c44e01c2f89478d5624d40912497cc29bda995a86ad4bc9713f9e1019
x86_64 dotnet-hostfxr-6.0-6.0.13-1.el9_1.x86_64.rpm 68caf516ed410bfc2bd1b47d103ea43c504f82e81b4a8258a95f32171227fc1c
x86_64 dotnet-sdk-6.0-6.0.113-1.el9_1.x86_64.rpm 943d3e6463ce861bba0c579eecd4f961aced76ddd15c133cb81b2c90d776eb4f
x86_64 dotnet-apphost-pack-6.0-6.0.13-1.el9_1.x86_64.rpm a37d460d3092314981b4107bf36decdd70519e9efa118e38a0828c2f789fd811
x86_64 aspnetcore-targeting-pack-6.0-6.0.13-1.el9_1.x86_64.rpm a5acc8f1b6b12cca5d9c79b9b29ed51039efe50baadfac42c5e5cf4673cbb257
x86_64 dotnet-templates-6.0-6.0.113-1.el9_1.x86_64.rpm cbedd77d4435097f8403d39d074e1b363781c6351a4e7a387a733d8e00f3c892
x86_64 dotnet-sdk-6.0-source-built-artifacts-6.0.113-1.el9_1.x86_64.rpm d0c8d3fdc984b2a4689258dd0b6cef53cd09864c54f156d9abb163a3e8977be0
x86_64 dotnet-targeting-pack-6.0-6.0.13-1.el9_1.x86_64.rpm eda6e0f8584dbcf5675e3fba8512a4f3327836601b0495092ce4099d8ae8eaaf
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.