dotnet7.0-7.0.107-1.el9.ML.1
エラータID: AXSA:2023-6092:17
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7.
The following packages have been upgraded to a later upstream version: dotnet7.0 (7.0.107).
Security Fix(es):
* dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331)
* dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337)
* dotnet: Elevation of privilege - TarFile.ExtractToDirectory ignores extraction directory argument (CVE-2023-32032)
* dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128)
* dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-24936
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-29331
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2023-29337
NuGet Client Remote Code Execution Vulnerability
CVE-2023-32032
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33128
.NET and Visual Studio Remote Code Execution Vulnerability
Update packages.
N/A
SRPMS
- dotnet7.0-7.0.107-1.el9.ML.1.src.rpm
MD5: 865f09a778d64b164aaaf1adbeef04e9
SHA-256: 4a973bae0bf70fee55a7c5fe5f150aba1bc00cd4a33c4aff508b18732438e35e
Size: 493.76 MB
Asianux Server 9 for x86_64
- aspnetcore-runtime-7.0-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: b8cfe87cd585d972b8c10b3e2883850e
SHA-256: 08681cc17859740fb5405f89d15981c3101ea74d555bbd6d5401c219d113ba1c
Size: 7.33 MB - aspnetcore-targeting-pack-7.0-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: 69d7694e2081c94b50bae600ccc4bfd9
SHA-256: c9bbc24557d4a7b88e0ed61b1385e1e2fccd712c6f7f70934bed591abd7da14f
Size: 1.51 MB - dotnet-apphost-pack-7.0-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: 8224c6f0c3d0431a1875ea98ae855297
SHA-256: 0b5d09425119bb4e91ecaad8561756866b01947eeb238e3a013aa1ca0da6ddc4
Size: 3.95 MB - dotnet-host-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: 8140dc781ae281971222c6e46a203893
SHA-256: 470bdceea680b0358bf5962cebb493aba26794840426baff53fb4c495cb16af0
Size: 183.68 kB - dotnet-hostfxr-7.0-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: ed154c4ced89f7d4fdea49a61d9550aa
SHA-256: 48e1d783e78dfadd3e56767bfbad210d47da50803f299444b5492977ef00a3d9
Size: 165.64 kB - dotnet-runtime-7.0-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: 33e453c232a7aa7fe07285d155f658a6
SHA-256: f392faa776458e750a791cc07d838cd6d9d8131b3c9511c7dbe43af99042219e
Size: 23.74 MB - dotnet-sdk-7.0-7.0.107-1.el9.ML.1.x86_64.rpm
MD5: 8f3d0f500c51565781d879a9910f0eed
SHA-256: 74ce47b39b15965d71bf7c1aa28432cd1f46d5dda631d9a4f58841bb756039e2
Size: 85.07 MB - dotnet-targeting-pack-7.0-7.0.7-1.el9.ML.1.x86_64.rpm
MD5: de92f8f32723bb1919c584a2a2202249
SHA-256: 887cfbe2db9d10c6884fe5b3b5fdd90409b5db4f638215eaf5af747122af90e4
Size: 2.60 MB - dotnet-templates-7.0-7.0.107-1.el9.ML.1.x86_64.rpm
MD5: 4dc779ae6818d31a6819b9b09a4f01d7
SHA-256: 6f492f092b2a1e5d210aba74d7fa9709b21f6a7cbc5b266b6f6c8c9a7bc6610a
Size: 2.71 MB - netstandard-targeting-pack-2.1-7.0.107-1.el9.ML.1.x86_64.rpm
MD5: bcde11a36377850c538c94f3748185c4
SHA-256: 90b223d0fe30fe06a6be8c286a8d591b87aa74e38fd3b1bbcfd00f372bc45eac
Size: 1.32 MB
日本語