ALSA-2024:0807

[ALSA-2024:0807] Important: dotnet6.0 security update

Type:

security

Severity:

important

Release date:

2024-02-15

Description:

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.127 and .NET Runtime 6.0.27.

Security Fix(es):

* dotnet: Denial of Service in SignalR server (CVE-2024-21386)
* dotnet: Denial of Service in X509Certificate2 (CVE-2024-21404)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	dotnet-apphost-pack-6.0-6.0.27-1.el9_3.aarch64.rpm	1a4fd1b3218fbfd2fbba33d6e1e268b8f5b1e61130e143d276b85023c73e6dcc
aarch64	aspnetcore-targeting-pack-6.0-6.0.27-1.el9_3.aarch64.rpm	4a2e733c7ec39273e525a7643b9780d0d1147ec1b31dfb25b900f0bc9df81db1
aarch64	dotnet-targeting-pack-6.0-6.0.27-1.el9_3.aarch64.rpm	5e97b9e7f5aa993fa145c4557c51f5aaeba7f8826ca03390a7c60836cb73330c
aarch64	dotnet-hostfxr-6.0-6.0.27-1.el9_3.aarch64.rpm	678d5d82d3363c4d42c29fe1f18dfb87074dfafdd764c2c59572ff2a0c8fd819
aarch64	dotnet-sdk-6.0-source-built-artifacts-6.0.127-1.el9_3.aarch64.rpm	9acebcdcb6d3e9a2b4e4f1bfab04b33f20e58407a53f64ed8721ac87ec2e5ec8
aarch64	aspnetcore-runtime-6.0-6.0.27-1.el9_3.aarch64.rpm	abdc074296d44aae14b5dd0b9c561671520022edd482aff98fa34fbddca6d9f9
aarch64	dotnet-runtime-6.0-6.0.27-1.el9_3.aarch64.rpm	ac99590d1ebf0e620583c1455923e001d4289d30a4b93dbec1a70067d0470e50
aarch64	dotnet-sdk-6.0-6.0.127-1.el9_3.aarch64.rpm	ae5022d966c093885e9fc198654a27872cbf2bca5a6e872fdf02006a5353be56
aarch64	dotnet-templates-6.0-6.0.127-1.el9_3.aarch64.rpm	e2b6566ae792bc73d0a0924334704907b1fcfd16204131a3bf94b86157bc374b
s390x	dotnet-templates-6.0-6.0.127-1.el9_3.s390x.rpm	03961a88d021c1bb4450fcd66ce0e1eb917ae5509e7172284bb84b367cf254b6
s390x	dotnet-sdk-6.0-source-built-artifacts-6.0.127-1.el9_3.s390x.rpm	17099d2392fd7683b2f8f34a01ab41b4e231450cb664a33e9b4892e02270c45d
s390x	dotnet-sdk-6.0-6.0.127-1.el9_3.s390x.rpm	33eb3913f86d164e58de34571801ddafd2cfa67bfee05d2bec6a194d9f83e592
s390x	dotnet-targeting-pack-6.0-6.0.27-1.el9_3.s390x.rpm	64301bef5deec03cfb855ac422940c6df137069d139b37f8d601ed50156d5aec
s390x	dotnet-runtime-6.0-6.0.27-1.el9_3.s390x.rpm	6ce45026ce681a6602ac772398b1ebd650558ff6b06322dbedde02b738758838
s390x	aspnetcore-runtime-6.0-6.0.27-1.el9_3.s390x.rpm	bdfcac243d074e59443c7d8d12e700c766621a47e42a0b2c4e565ac4fc985d00
s390x	aspnetcore-targeting-pack-6.0-6.0.27-1.el9_3.s390x.rpm	c8cab26d9ab026640d9960f92d83ba5baf505420291cec6d1d8adf88eb130c97
s390x	dotnet-hostfxr-6.0-6.0.27-1.el9_3.s390x.rpm	e4856a48d8ec348fe40c9b6cffbe86824202a9affe6bcaf489789aaa67119be6
s390x	dotnet-apphost-pack-6.0-6.0.27-1.el9_3.s390x.rpm	ebe8733f921d587696580db1da384fafa21e4e5c7906161e5906d323cfd17669
x86_64	dotnet-sdk-6.0-6.0.127-1.el9_3.x86_64.rpm	2a94c4eb2554f62ca5af75bafe8216231b5c04f16ec105146dc536c655a43ed0
x86_64	aspnetcore-targeting-pack-6.0-6.0.27-1.el9_3.x86_64.rpm	385ec62974380d98eb50682181ea992f3edab58fdbb2c69e4e575123f847e84e
x86_64	dotnet-templates-6.0-6.0.127-1.el9_3.x86_64.rpm	4b85fc5825bdb0583962a1e937d3a386aba42b3f3d840e45487f1f8151f8b1cd
x86_64	aspnetcore-runtime-6.0-6.0.27-1.el9_3.x86_64.rpm	6d39f3fba8e079bf9caf225bbd53208130b5b5d40939b8b84bc304346a540633
x86_64	dotnet-sdk-6.0-source-built-artifacts-6.0.127-1.el9_3.x86_64.rpm	96eda7ee31e31a452aede27796ab808389a74e0ea07c8481aa4c689182c4b1c8
x86_64	dotnet-targeting-pack-6.0-6.0.27-1.el9_3.x86_64.rpm	baa62fe4ce08978e34033bf8a20b9595296fea2095e34d49ed2bb521a6caaa71
x86_64	dotnet-apphost-pack-6.0-6.0.27-1.el9_3.x86_64.rpm	cec35888cc82de5da70df403f28ce9777c12a507cf9b2c565bb572b5372dca25
x86_64	dotnet-runtime-6.0-6.0.27-1.el9_3.x86_64.rpm	ee575c0292a832c9068f49b3128d5dda15bc34e28028e27ae597ae7f0266a495
x86_64	dotnet-hostfxr-6.0-6.0.27-1.el9_3.x86_64.rpm	f0a842ab179071c305db34229a9503c5f4a75e25372764d72ef29703eff87ec7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.