[ALSA-2024:2843] Important: .NET 7.0 security update
Type:
security
Severity:
important
Release date:
2024-05-16
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19. Security Fix(es): * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop() (CVE-2024-30046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 dotnet-apphost-pack-7.0-7.0.19-1.el9_4.aarch64.rpm 0c88b6a6dee1be665d40bb268c5eac5d58cf1d48731fa6f560755d3bee6ee32d
aarch64 dotnet-sdk-7.0-7.0.119-1.el9_4.aarch64.rpm 0fc901c9857f87ea763552616fa3320a19786eb712ac9ac3007a41c8dc5a661f
aarch64 dotnet-hostfxr-7.0-7.0.19-1.el9_4.aarch64.rpm 1bf40572acf3db563bbd4a24e287ca22e881e2492d025e20b78fad6945e6b78b
aarch64 dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el9_4.aarch64.rpm 2123994dcca6a09c49393c55a9be3935721e2894415200c618d46f9496995e3f
aarch64 aspnetcore-runtime-7.0-7.0.19-1.el9_4.aarch64.rpm 4b158d6297f4f688a1e0b42cd0d81c2f15184e90f4f830f9af957869db7e9ad0
aarch64 dotnet-runtime-7.0-7.0.19-1.el9_4.aarch64.rpm 672b2d846e5884fd04369fbb687dc21543b70d16197582d2b2a34fcb06a2864d
aarch64 dotnet-targeting-pack-7.0-7.0.19-1.el9_4.aarch64.rpm b366f5c13dc213aa5e96d376f58180ae39f2f4777b76f989a45984da6faa76ee
aarch64 dotnet-templates-7.0-7.0.119-1.el9_4.aarch64.rpm bd346da7e711a5a0d91b493c61e37e9f66b2a94f120d1d6f165ed4b9db1970df
aarch64 aspnetcore-targeting-pack-7.0-7.0.19-1.el9_4.aarch64.rpm c4e94ebf40b093f34147aafeaa1a73d80020a5be09b9dbdee83930f255cd8936
ppc64le aspnetcore-targeting-pack-7.0-7.0.19-1.el9_4.ppc64le.rpm 27d2576eefcc8c9c686308e4d1c45eb817d7f7d09e44e5133844e2eb9444e04a
ppc64le dotnet-apphost-pack-7.0-7.0.19-1.el9_4.ppc64le.rpm 5acda710571150e65cdc344c8fee46e3dd3237b963c599968e4275ab12e37152
ppc64le aspnetcore-runtime-7.0-7.0.19-1.el9_4.ppc64le.rpm 5d1a28d5545148defed9a8898d978ea75b154be716ff9bc345908c486d737193
ppc64le dotnet-hostfxr-7.0-7.0.19-1.el9_4.ppc64le.rpm 5fa9c35bb7ef7d81b52445b1101b0c1ea446278abcbeb4cecf54575c15676c68
ppc64le dotnet-templates-7.0-7.0.119-1.el9_4.ppc64le.rpm 88e2d81cc8967066ec03bc8af4f5aaad02f7b1360823a1a727d83a0f28644eea
ppc64le dotnet-sdk-7.0-7.0.119-1.el9_4.ppc64le.rpm bb50654cff08f6af1442e862b7b2779de4343f1673cd934181caa9805387048f
ppc64le dotnet-targeting-pack-7.0-7.0.19-1.el9_4.ppc64le.rpm d63771ed3bd5fbac19ef687363373d2a90f6c59cf2a56b64657837afbc04caab
ppc64le dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el9_4.ppc64le.rpm d75a4c2d02ef74513ccab4cd12087ebfb1767735301bafb8c2758b9de80e8aeb
ppc64le dotnet-runtime-7.0-7.0.19-1.el9_4.ppc64le.rpm f47bb45d48ebc0c5980f79aac930055c8d7dce8f6ea1af1dd6574c7ede361acc
s390x dotnet-sdk-7.0-7.0.119-1.el9_4.s390x.rpm 195f09b1cc820a174724c26c038efb07c45ff269f261f54f9ecd3b830f7a1554
s390x aspnetcore-targeting-pack-7.0-7.0.19-1.el9_4.s390x.rpm 37e6494404601bb3a1b195db51f1d3fa4ab8a1476b68f88a3cc3c3cd86c82210
s390x aspnetcore-runtime-7.0-7.0.19-1.el9_4.s390x.rpm 3ebece77eacdecf0ab3d02e8df4f5e3104fc5a0c970647a91c070ad383178c61
s390x dotnet-templates-7.0-7.0.119-1.el9_4.s390x.rpm 421902584edd9fee5885176f0e3718a8be8553da69ab1a3cfcae161e94d51038
s390x dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el9_4.s390x.rpm 7f88c9f1e140e77a561dba1e728b812e1680d5d04e30fec45173d9d15c2f34c8
s390x dotnet-runtime-7.0-7.0.19-1.el9_4.s390x.rpm bdbdf2284fef7799b7d96459c9a4b2e921d172c254b6decee5aa889e8fbca2db
s390x dotnet-hostfxr-7.0-7.0.19-1.el9_4.s390x.rpm c18114c6d2e3362cbee481f4b0e3cc83b26dcf8a41bfecd742429bb85a9e6cdc
s390x dotnet-targeting-pack-7.0-7.0.19-1.el9_4.s390x.rpm c47db1ccbb3ca7c0adbaca963a74d274e51086125ebd20a2a4296f524ab6edb4
s390x dotnet-apphost-pack-7.0-7.0.19-1.el9_4.s390x.rpm df3a617017454d014e47fa51049d8082ceeb244090cc89dc28306b32a0462a78
x86_64 dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el9_4.x86_64.rpm 4949285c3af5810f86699f8361ac8a903f05cf7d19b198c5bc1c48db04006f41
x86_64 aspnetcore-targeting-pack-7.0-7.0.19-1.el9_4.x86_64.rpm 558e583b9b80ca8ac2a5ac30030868f11c0da390c4d825c3674ead1b492860d4
x86_64 aspnetcore-runtime-7.0-7.0.19-1.el9_4.x86_64.rpm 598f9ff0cce52f09cf81ec09fa535a362b949d78abf9af449f4db49fc8238bec
x86_64 dotnet-sdk-7.0-7.0.119-1.el9_4.x86_64.rpm 6e16784fb97ced8270433ed46e3d5af39aea2353570890d5bc02eab9a908419d
x86_64 dotnet-runtime-7.0-7.0.19-1.el9_4.x86_64.rpm b81cbf4c3eb20e64575818e10d5b5ed0e5a94b2d05ae1559c0fd90b841b978a4
x86_64 dotnet-templates-7.0-7.0.119-1.el9_4.x86_64.rpm c053cabb27b6f6756a0f793f2801ad43e8f112649c5f7cbff4f7b166f43a458a
x86_64 dotnet-hostfxr-7.0-7.0.19-1.el9_4.x86_64.rpm c50824d31fc87e5f1d155d5806e0620a7caf9dbb5e27fc97921c5fb4b3378463
x86_64 dotnet-apphost-pack-7.0-7.0.19-1.el9_4.x86_64.rpm dc566cad8314a0244a0c491448f02c94cee20350973be6081124734790eb7069
x86_64 dotnet-targeting-pack-7.0-7.0.19-1.el9_4.x86_64.rpm f11bdcc768f67c756c89b100c6e96fa943ed0c148771813545701b9834ecd119
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.