Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:4645

Опубликовано: 06 окт. 2023
Источник: rocky
Оценка: Important

Описание

Important: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21.

Security Fix(es):

  • dotnet: RCE under dotnet commands (CVE-2023-35390)

  • dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack (CVE-2023-38180)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
aspnetcore-runtime-6.0x86_641.el8_8aspnetcore-runtime-6.0-6.0.21-1.el8_8.x86_64.rpm
aspnetcore-targeting-pack-6.0x86_641.el8_8aspnetcore-targeting-pack-6.0-6.0.21-1.el8_8.x86_64.rpm
dotnet-apphost-pack-6.0x86_641.el8_8dotnet-apphost-pack-6.0-6.0.21-1.el8_8.x86_64.rpm
dotnet-hostfxr-6.0x86_641.el8_8dotnet-hostfxr-6.0-6.0.21-1.el8_8.x86_64.rpm
dotnet-runtime-6.0x86_641.el8_8dotnet-runtime-6.0-6.0.21-1.el8_8.x86_64.rpm
dotnet-sdk-6.0x86_641.el8_8dotnet-sdk-6.0-6.0.121-1.el8_8.x86_64.rpm
dotnet-targeting-pack-6.0x86_641.el8_8dotnet-targeting-pack-6.0-6.0.21-1.el8_8.x86_64.rpm
dotnet-templates-6.0x86_641.el8_8dotnet-templates-6.0-6.0.121-1.el8_8.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-35390
CVE-2023-38180

Ссылки на источники

Исправления

Связанные уязвимости

rocky логотип

RLSA-2023:4643

rocky
больше 1 года назад

Important: .NET 7.0 security, bug fix, and enhancement update

oracle-oval логотип

ELSA-2023-4645

oracle-oval
почти 2 года назад

ELSA-2023-4645: .NET 6.0 security, bug fix, and enhancement update (IMPORTANT)

oracle-oval логотип

ELSA-2023-4644

oracle-oval
почти 2 года назад

ELSA-2023-4644: .NET 6.0 security, bug fix, and enhancement update (IMPORTANT)

oracle-oval логотип

ELSA-2023-4643

oracle-oval
почти 2 года назад

ELSA-2023-4643: .NET 7.0 security, bug fix, and enhancement update (IMPORTANT)

oracle-oval логотип

ELSA-2023-4642

oracle-oval
почти 2 года назад

ELSA-2023-4642: .NET 7.0 security, bug fix, and enhancement update (IMPORTANT)