ALSA-2023:4060

[ALSA-2023:4060] Important: .NET 6.0 security, bug fix, and enhancement update

Type:

security

Severity:

important

Release date:

2023-07-13

Description:

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

The following packages have been upgraded to a later upstream version: dotnet6.0 (SDK 6.0.120, Runtime 6.0.20). (BZ#2219640)

Security Fix(es):

* dotnet: race condition in Core SignInManager PasswordSignInAsync method (CVE-2023-33170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	dotnet-templates-6.0-6.0.120-1.el9_2.aarch64.rpm	109e150ebb9d3bf70b126f82b0d4ec1c6fa7fdf5b5f761f11a5289ed80b19353
aarch64	dotnet-targeting-pack-6.0-6.0.20-1.el9_2.aarch64.rpm	2563c25fede6f231b78365d35338936f973395ecc19cd8ff9840f750c42e82ff
aarch64	dotnet-runtime-6.0-6.0.20-1.el9_2.aarch64.rpm	2a79b776c13c6acfd61c84f8a4b1e54c06acca1d356b184daf0996774d8615dd
aarch64	dotnet-hostfxr-6.0-6.0.20-1.el9_2.aarch64.rpm	57ee33f661320fb22c36a6cdbebb4811ec445bdd99e4ed98078363cddde28e13
aarch64	dotnet-apphost-pack-6.0-6.0.20-1.el9_2.aarch64.rpm	6126b012dd2d67c91ea6af81336efad1079d5ed11c5d3b5c1e65f5a70617ecd3
aarch64	aspnetcore-targeting-pack-6.0-6.0.20-1.el9_2.aarch64.rpm	8a61d12969ed378ea37f6575b45f1bc5bbb1ceb9cc14bf8bb82638e4d0205303
aarch64	dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el9_2.aarch64.rpm	b1d0f1b324707b02a059ee4c670ac290e6f46e93bab4a8fd8bc1686c5ec919ba
aarch64	dotnet-sdk-6.0-6.0.120-1.el9_2.aarch64.rpm	d6fcbc87c31b7c971d25b6ac3d0363a920e8456f67b0143ab781b4d0e0034311
aarch64	aspnetcore-runtime-6.0-6.0.20-1.el9_2.aarch64.rpm	e5378bdf85363ad5b936fa7a2add3a4e81b744931226b062107ad4495dcc6702
s390x	dotnet-sdk-6.0-6.0.120-1.el9_2.s390x.rpm	282f382d3bbdb7f436fdebbce73136657189c248009f710b7d07196a51e31312
s390x	aspnetcore-runtime-6.0-6.0.20-1.el9_2.s390x.rpm	5e8c7d59f8f414518bbeb39182a1dfdb4f06dbd9c5127fc3fde9ceb119d28c11
s390x	dotnet-hostfxr-6.0-6.0.20-1.el9_2.s390x.rpm	60a510753fffe52ad21fd6acdb52af3894915578602dc205ae3590b516d68cd9
s390x	aspnetcore-targeting-pack-6.0-6.0.20-1.el9_2.s390x.rpm	6159d75b8c037fe6ccb7d0f8f393be26e21134bb2077e80febd3fce7bf968e5e
s390x	dotnet-runtime-6.0-6.0.20-1.el9_2.s390x.rpm	6587a7450a0435b851decf9ad99fe58fbe00360ddc04ca5acd4efd189c7c659a
s390x	dotnet-apphost-pack-6.0-6.0.20-1.el9_2.s390x.rpm	6d63ee7bfd273c18be1ff4446dc91d7cf5430c1613c40fd7193d01d01fa5b376
s390x	dotnet-targeting-pack-6.0-6.0.20-1.el9_2.s390x.rpm	8a339b8fe26c67bccf8e19c2599684ca842a6c28c5c575a4980d2e06cd27b34e
s390x	dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el9_2.s390x.rpm	ef5db91b5a03b6637a411fd165f6a718cd7ac361ca1d8e9d4de9c7923204369c
s390x	dotnet-templates-6.0-6.0.120-1.el9_2.s390x.rpm	f6cb136dac98cc678ffd53e7925c269ca9fca8f4b55091a0e466a0548411390d
x86_64	dotnet-runtime-6.0-6.0.20-1.el9_2.x86_64.rpm	1fe1cac72c59cb3445f50d0fa1e9e249f319dec243ed366e69e0d6b176fcd0e3
x86_64	dotnet-hostfxr-6.0-6.0.20-1.el9_2.x86_64.rpm	354028571aa102fbf90d3219f6051e7d84403a5b5bd0533c1536e81b086aa3fe
x86_64	aspnetcore-runtime-6.0-6.0.20-1.el9_2.x86_64.rpm	3d90bf8d7fc80f50ffd2a0d894fff27746b85b4474d43c579c0cd85cda32aeac
x86_64	dotnet-targeting-pack-6.0-6.0.20-1.el9_2.x86_64.rpm	658924fc3b01b2d330f29d15c75d9056f118b0554d033f17015cfc0147303d13
x86_64	dotnet-apphost-pack-6.0-6.0.20-1.el9_2.x86_64.rpm	659a6ca95d9983b95d8c67b31aaf22649d8257ef0370db9f059e300f7f76e74b
x86_64	dotnet-sdk-6.0-6.0.120-1.el9_2.x86_64.rpm	8658c32bd901aa6e264a2c0f175ba3e708c6ad43dffac390621521fd4aa2add2
x86_64	dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el9_2.x86_64.rpm	946c41c957a2d047c090dc4f7def9e1d958093c2cae96657f81a5cbbd192d67c
x86_64	dotnet-templates-6.0-6.0.120-1.el9_2.x86_64.rpm	ee5042fc4cb3abbd5ec86ce253fcbb3c97f21905b88e9bf68d7cfbb2fa99cfaf
x86_64	aspnetcore-targeting-pack-6.0-6.0.20-1.el9_2.x86_64.rpm	f521fd741e7240a2c9701e9d1f21af5164fbcdb646f3ffd0b93fbc5828847a93

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.