[ALSA-2023:4057] Important: .NET 7.0 security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2023-07-14
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. The following packages have been upgraded to a later upstream version: dotnet7.0 (SDK 7.0.109, Runtime 7.0.9). (BZ#2219634) Security Fix(es): * dotnet: race condition in Core SignInManager PasswordSignInAsync method (CVE-2023-33170) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 dotnet-runtime-7.0-7.0.9-1.el9_2.aarch64.rpm 059d5937041506bef1f2e8eb5b6b6509851f09ebcbd6010d222b45eac08e87e0
aarch64 dotnet-hostfxr-7.0-7.0.9-1.el9_2.aarch64.rpm 1fb3c6c92765450a6e5cd0cc80d174cf90e755f37c3ea2950684b9b589aeb333
aarch64 dotnet-host-7.0.9-1.el9_2.aarch64.rpm 3a87c16080cbc6eb762ecbcb582ca05ce9eae32d9c4147c71fea539e59cc4315
aarch64 netstandard-targeting-pack-2.1-7.0.109-1.el9_2.aarch64.rpm 7a1555c376df3a218689ea302ec9968abb224a6d10a47a85a6383ae43575846e
aarch64 dotnet-sdk-7.0-7.0.109-1.el9_2.aarch64.rpm 944f9754587a0b26316d922aa92924ed0fc52946d6069437a6c9a284511022ab
aarch64 dotnet-templates-7.0-7.0.109-1.el9_2.aarch64.rpm 9b3ea5321813f7dd3b54e9798125956538889841302c1f6172d6e4c03136259a
aarch64 dotnet-sdk-7.0-source-built-artifacts-7.0.109-1.el9_2.aarch64.rpm b2b485d6746fffbd7c73e9fca7d28e5ba2807f043ee69c64c5b9d9c741025147
aarch64 dotnet-apphost-pack-7.0-7.0.9-1.el9_2.aarch64.rpm b38679b6ac7ee9092b3aa6d1077a07a78b5498327a903ee1c8f75aa0f927ad64
aarch64 dotnet-targeting-pack-7.0-7.0.9-1.el9_2.aarch64.rpm bd118ca5710ce3e0582fe356802f427eaf5dfdb9615aa6b02c2403beaf2831d9
aarch64 aspnetcore-runtime-7.0-7.0.9-1.el9_2.aarch64.rpm e07664bccf9b3e7ff52c34882cc85e72d17c92debd02c4a770242849cecc1cd6
aarch64 aspnetcore-targeting-pack-7.0-7.0.9-1.el9_2.aarch64.rpm f734beb3b1fd88d0e9a8b2b59fd94a9c82ff4045b2da2cd03df42403876e73f2
ppc64le aspnetcore-runtime-7.0-7.0.9-1.el9_2.ppc64le.rpm 28d0ec58491b7001837ca7c357413e916287a31bd4c38d507cdeee77d41379b7
ppc64le dotnet-sdk-7.0-7.0.109-1.el9_2.ppc64le.rpm 4c2368b69096536df77e0b0ad4e43fea34229a9462e65fb97fb5f0f95f0d3d9e
ppc64le dotnet-sdk-7.0-source-built-artifacts-7.0.109-1.el9_2.ppc64le.rpm 4d0498fde0bd9fad1be68e5a4d1e5c2483f5661ee1023e4f7a3ef1b307f43a07
ppc64le dotnet-runtime-7.0-7.0.9-1.el9_2.ppc64le.rpm 5eb617a1181e2e78fbe6a98e0d5caaea0bdea2a94858150e818a609a120a09c3
ppc64le dotnet-templates-7.0-7.0.109-1.el9_2.ppc64le.rpm 5fcbdee71da671bd389f9cad468d2676cfbfc94859ed9b11884c8b03fde248d9
ppc64le dotnet-targeting-pack-7.0-7.0.9-1.el9_2.ppc64le.rpm 6472fcfbc628501e43522f73836cdb285a218a89d0186d830ddc23337350cf53
ppc64le dotnet-host-7.0.9-1.el9_2.ppc64le.rpm 64fa6a67b3f187d7d1896f8e121c7d782e460c50e4ee259fe2f5a898ba054bee
ppc64le aspnetcore-targeting-pack-7.0-7.0.9-1.el9_2.ppc64le.rpm 76c92b70abcb6c709832b713d1bdc81e4deec28bedd6bed16bc1b5beb01cea8a
ppc64le dotnet-apphost-pack-7.0-7.0.9-1.el9_2.ppc64le.rpm a1909fa99a9af7e1606577ff253858611144c784191a6415a58a269d7669124e
ppc64le dotnet-hostfxr-7.0-7.0.9-1.el9_2.ppc64le.rpm cd596aa178936ec5fc3bdc848e0a223b8d24253dae8735a87d8966b9388eee43
ppc64le netstandard-targeting-pack-2.1-7.0.109-1.el9_2.ppc64le.rpm e3d23dd7c156afd1ac33e759fe13df2cd6985cf7e5999e69fc628b6d6bbf5121
s390x aspnetcore-targeting-pack-7.0-7.0.9-1.el9_2.s390x.rpm 30e244c6061c2d0a68707d9f049761195f1e1625260f1f16920724a5f6eb4642
s390x dotnet-sdk-7.0-7.0.109-1.el9_2.s390x.rpm 40d8ac2bbf083a7709b926a87b14d921281e66ebd53c5adb826bf96cdc81680d
s390x dotnet-targeting-pack-7.0-7.0.9-1.el9_2.s390x.rpm 457e5bd1cafad9be5aa9f7b3cd06f582e6fdeb1c8332a15d75697832d5a03864
s390x dotnet-sdk-7.0-source-built-artifacts-7.0.109-1.el9_2.s390x.rpm 4d5cbaed505bad402b1c78c114c2e0b1e47509218ec9a84a74ab8be6b69aa333
s390x dotnet-host-7.0.9-1.el9_2.s390x.rpm 525feb5fc13829d4628fd56359051a540f3a74be9cc39c8fbfa0a85b5045274f
s390x dotnet-runtime-7.0-7.0.9-1.el9_2.s390x.rpm 72375260341d5e96d2fcbdd2efda4fbd8a2df04b6f7b57f675dcf86a02ac3bb7
s390x dotnet-hostfxr-7.0-7.0.9-1.el9_2.s390x.rpm a2caf36197640fa8adb1114fd26c4b3b1383dcd734a5a53c12ed923b804346e9
s390x dotnet-templates-7.0-7.0.109-1.el9_2.s390x.rpm ed36d4c6f5473b7e0f6e0797810fab75d53188eb49d7bb094bdd81e46309eca9
s390x netstandard-targeting-pack-2.1-7.0.109-1.el9_2.s390x.rpm f37fe6b82c8171d1da65c7e84d3b14f74e53aa6200d21f9cfffcbf575a9af31a
s390x aspnetcore-runtime-7.0-7.0.9-1.el9_2.s390x.rpm f8c3c04dd0f1c0df258df04f2e7ab50ccc827562a6154272a7a5dba6e98e95ce
s390x dotnet-apphost-pack-7.0-7.0.9-1.el9_2.s390x.rpm f91ab8d819da9134c90f42d33e3a0167722ac6021078e5b14c2227bf5d133e34
x86_64 dotnet-sdk-7.0-7.0.109-1.el9_2.x86_64.rpm 026cd6f43225b8c44c9740cd43bfd6c8c04ff44a02aa0885bd484e78e9986e74
x86_64 netstandard-targeting-pack-2.1-7.0.109-1.el9_2.x86_64.rpm 0dd454f647d537bd87ca9f775df2233f3a47d5c6188827dbf292a8244fbd25de
x86_64 dotnet-sdk-7.0-source-built-artifacts-7.0.109-1.el9_2.x86_64.rpm 1831e73c259a43a7a7aedd1cee6809a584d21c95fcbf89a5e892c3d96aeb323a
x86_64 dotnet-hostfxr-7.0-7.0.9-1.el9_2.x86_64.rpm 46cc9228cc3e7fb53a743f9cc61a1278f1b67ae4c5eb304a70c800cc2d43b1ca
x86_64 dotnet-runtime-7.0-7.0.9-1.el9_2.x86_64.rpm 4f8fc899bdb3340bea19c7cb70a6bf5e8079ced31c6dc29f87629f7589d9fc30
x86_64 dotnet-targeting-pack-7.0-7.0.9-1.el9_2.x86_64.rpm 565f7f74e7c323aaa0ab681cccac63062feb28f7bded87f0ed930baed58b2633
x86_64 dotnet-apphost-pack-7.0-7.0.9-1.el9_2.x86_64.rpm 584df02176fd6d53f3544a6a0db810554755f3492975b680c1805abc339c6a4e
x86_64 dotnet-templates-7.0-7.0.109-1.el9_2.x86_64.rpm 8c59cf9231c70376b6894ce2b97cf49aceab90505266f977446e3b01a8409a29
x86_64 aspnetcore-runtime-7.0-7.0.9-1.el9_2.x86_64.rpm ab37edbcb8dcd943fca9be13bf23b4bd4a6c6276c377f75437cc1dd759df996a
x86_64 aspnetcore-targeting-pack-7.0-7.0.9-1.el9_2.x86_64.rpm b48677f680f2148e45530b77843faafb780dd0256ac1ab3d0c82027979176700
x86_64 dotnet-host-7.0.9-1.el9_2.x86_64.rpm dc2e9dbca3f6bc2facb58cb43bf9a50806f58bf4037241926d5dc6cf15eea621
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.