[ALSA-2023:7255] Moderate: dotnet7.0 security update
Type:
security
Severity:
moderate
Release date:
2023-11-16
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14. Security Fix(es): * dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand (CVE-2023-36049) * dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms (CVE-2023-36558) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 aspnetcore-runtime-7.0-7.0.14-1.el9_3.aarch64.rpm 0f715af494787575fc03d94a05c970f1c5247981b2756a78974df5993231a370
aarch64 aspnetcore-targeting-pack-7.0-7.0.14-1.el9_3.aarch64.rpm 2ca94758aa2e3047d097bdf2ecb02eaf55bfef513df4209ea510b2ed1d5a6680
aarch64 dotnet-apphost-pack-7.0-7.0.14-1.el9_3.aarch64.rpm 6780e33695dca2531a542b754cbfe96d03e50f2984bfe7f6ae80d92f74ec2856
aarch64 dotnet-hostfxr-7.0-7.0.14-1.el9_3.aarch64.rpm 890a02f4e29c12063dbf28384f823747561b8d2cb336368193ca124f56aeca75
aarch64 dotnet-runtime-7.0-7.0.14-1.el9_3.aarch64.rpm 978681b6511bcd6aa300633244915083c943f3bf29e30fc57500b4ca2bdefe95
aarch64 dotnet-sdk-7.0-source-built-artifacts-7.0.114-1.el9_3.aarch64.rpm 9d57bab6516987ba5992c38453ece23b23905c3389e1a655fb4e370c28e42ff1
aarch64 dotnet-targeting-pack-7.0-7.0.14-1.el9_3.aarch64.rpm a6532d2f9dd746497f7bc25329427a1f06891fe8e5422abccf83bff64765d1fe
aarch64 dotnet-templates-7.0-7.0.114-1.el9_3.aarch64.rpm ac539c851974d2e6582ccaebd3279f998d7f92296046386f8911c184c1b4e2f5
aarch64 dotnet-sdk-7.0-7.0.114-1.el9_3.aarch64.rpm db00593945d5409275e51832d45430fe78a5da6bc3cc48f2c705027ecd817233
ppc64le aspnetcore-runtime-7.0-7.0.14-1.el9_3.ppc64le.rpm 30432b819f6fc4f1a29047756defca4cf5aa20920ec26fed94921d1fbcb72ade
ppc64le dotnet-targeting-pack-7.0-7.0.14-1.el9_3.ppc64le.rpm 42b61568c436214ed88b945b3861e0507d4a19593af9899f82c7f3e8c20027f7
ppc64le dotnet-templates-7.0-7.0.114-1.el9_3.ppc64le.rpm 435f16d50643665eb332a6321848c7f1d84ac4d3a0744dd1d51db39126bcab43
ppc64le dotnet-apphost-pack-7.0-7.0.14-1.el9_3.ppc64le.rpm 51aebe959689c65afc68dab90b48445760847bd4f43fb1ff91a570fc6d1a566d
ppc64le dotnet-sdk-7.0-7.0.114-1.el9_3.ppc64le.rpm 5f069d7aef2c0306e6d2a234db9688cc2687b0e8afb5f2d21bdcba4002aba4c8
ppc64le aspnetcore-targeting-pack-7.0-7.0.14-1.el9_3.ppc64le.rpm 6c268874fe2e431bddc924e45ff28448bb474e85bf3e19c845865788e7f3e1d2
ppc64le dotnet-runtime-7.0-7.0.14-1.el9_3.ppc64le.rpm 70d2457491ea1773979b956865d86932aae3e20171accd93d90c7d3698af7da2
ppc64le dotnet-hostfxr-7.0-7.0.14-1.el9_3.ppc64le.rpm df82c6766b79e39547e1a9775f57c271b871ae7a124b5fd24646c56d988796dd
ppc64le dotnet-sdk-7.0-source-built-artifacts-7.0.114-1.el9_3.ppc64le.rpm f5e5092f26bbc66cdfcee182a03ba0d315b8883783e3d48a2b556a8106287510
s390x aspnetcore-targeting-pack-7.0-7.0.14-1.el9_3.s390x.rpm 03680507814c5cbf455950dfd1ee2f6c947540bda86965d04f36b8a92cc46651
s390x dotnet-hostfxr-7.0-7.0.14-1.el9_3.s390x.rpm 2860c404883eb25932d59fa1de7929a07e55933e65d57aaff3f713468a9d00b3
s390x dotnet-targeting-pack-7.0-7.0.14-1.el9_3.s390x.rpm 2e730ce504e4edd54e085e3dbaf86b65ef25192e36d4034f98b4d663593e675d
s390x dotnet-apphost-pack-7.0-7.0.14-1.el9_3.s390x.rpm 696318795cd381332d56cbfb21c49fbfe43adc9284068304b2bd7e57cc27653e
s390x dotnet-sdk-7.0-7.0.114-1.el9_3.s390x.rpm b0a6ccae12dbbd1ea3ceb9319b7a30fa61084212778b33a8b304075276e809df
s390x dotnet-runtime-7.0-7.0.14-1.el9_3.s390x.rpm b6f1623d59fa9018e603c441b7d2532acfc921857707eaeddb7ec989f3998c1a
s390x dotnet-templates-7.0-7.0.114-1.el9_3.s390x.rpm d905dffe50be64ec00ffc0af5554e773f664b929eb76902e94c747adb1c06bb2
s390x dotnet-sdk-7.0-source-built-artifacts-7.0.114-1.el9_3.s390x.rpm e5fa0ce232c876b6eca82dd853a4a21b80d7cbe7b748bf71ee82b9baf474109f
s390x aspnetcore-runtime-7.0-7.0.14-1.el9_3.s390x.rpm e709ae65410cdee0763c78cc0103dcfc85c52c28ceb14c159d1aacd5201881ff
x86_64 aspnetcore-targeting-pack-7.0-7.0.14-1.el9_3.x86_64.rpm 326bc495c5438a6ebe12162d458beed748bc3c5a6aaadaf384ce176ae8ad90cc
x86_64 aspnetcore-runtime-7.0-7.0.14-1.el9_3.x86_64.rpm 42ca2ad10b3adbb74b88ff3f823df47a930e2db6ba6dc79db599b132e082987e
x86_64 dotnet-apphost-pack-7.0-7.0.14-1.el9_3.x86_64.rpm 5417f24f52a3a752b2bf2d4fb0fea5c6d1e661c3b50b77d5030c7b126046c2c1
x86_64 dotnet-hostfxr-7.0-7.0.14-1.el9_3.x86_64.rpm 629b9a4e159b57f4924f06d1ae33bfa07f7c665507028cdc9110d3dc6b72229e
x86_64 dotnet-sdk-7.0-7.0.114-1.el9_3.x86_64.rpm 9aafb63e226d93e23e2d34ccf7f0b405583756f5fa8e7bc19693f358f07b6708
x86_64 dotnet-sdk-7.0-source-built-artifacts-7.0.114-1.el9_3.x86_64.rpm adeb4c31399a9ec82f9de27cf189ff89671c5d267ea6a06240e579686483e019
x86_64 dotnet-runtime-7.0-7.0.14-1.el9_3.x86_64.rpm b14957e3c76d27254861b36c20007d829f93239a70fcdad76291a16c5f1f4c70
x86_64 dotnet-templates-7.0-7.0.114-1.el9_3.x86_64.rpm b6f7c7c235a51c55ae203a5ef6394651019d378aaf08e20681fc1c942b582770
x86_64 dotnet-targeting-pack-7.0-7.0.14-1.el9_3.x86_64.rpm e5e82762faefe2a126bc2f9c5269d63e06773f6b99ccd08664208c8cdb32518b
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.