dotnet7.0-7.0.107-1.el8.ML.1
エラータID: AXSA:2023-6203:20
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7.
The following packages have been upgraded to a later upstream version: dotnet7.0 (7.0.107).
Security Fix(es):
* dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331)
* dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337)
* dotnet: Elevation of privilege - TarFile.ExtractToDirectory ignores extraction directory argument (CVE-2023-32032)
* dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128)
* dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-24936
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-29331
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2023-29337
NuGet Client Remote Code Execution Vulnerability
CVE-2023-32032
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33128
.NET and Visual Studio Remote Code Execution Vulnerability
Update packages.
N/A
SRPMS
- dotnet7.0-7.0.107-1.el8.ML.1.src.rpm
MD5: bc4dedd789d089a41ae2492916f1f6cd
SHA-256: 3f109a5fce44d8745757fd5f31a1792bad8e34c2c375de629c0c5964591d6ba7
Size: 493.77 MB
Asianux Server 8 for x86_64
- aspnetcore-runtime-7.0-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: 18a43b6d8cfb22a8f844f78952b5dec7
SHA-256: 8bf3d7c6be8865fe7ab92f230a8b98aff8a02fd8bb57d2feaa9ae9a6f081e289
Size: 7.39 MB - aspnetcore-targeting-pack-7.0-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: 33893d90a3e959423e326bc5753d58b9
SHA-256: f1902a190ca5e29c3f93fd72440381c560e02ce96c2a4ff444cfffa548c8bec4
Size: 1.60 MB - dotnet-7.0.107-1.el8.ML.1.x86_64.rpm
MD5: c87e1b6cdee2c69835112bda733004aa
SHA-256: 7b18c372d3267b6f6d4d94759a170e15e5576320b59394afa956a8da4238144c
Size: 17.70 kB - dotnet-apphost-pack-7.0-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: 139f226c10a4d9cb9a52879f0683b584
SHA-256: bde1b453f9af642afab0c740c06120db3bd25b68aa172099419cf13a29c6e838
Size: 3.97 MB - dotnet-host-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: 8e58eb54ced6b183de5f448425cc7fb1
SHA-256: 9fbffc6fd5d251b842946efa737f6baef3cff9b6a4849b75366ab75251bfb780
Size: 195.04 kB - dotnet-hostfxr-7.0-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: 4b9534e8d4ace8da4cce45c4a0a791b0
SHA-256: 8c4bbc8d249311e8c61c906c2a8a7a3726a2d3d2d77cb572619e7a9e4d70154a
Size: 174.12 kB - dotnet-runtime-7.0-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: a62c6b7b39fba84bcafe9d9281468aae
SHA-256: 5d0d273332be6cd379260473129e5358039830f092385991965350ef1da53141
Size: 24.14 MB - dotnet-sdk-7.0-7.0.107-1.el8.ML.1.x86_64.rpm
MD5: cc404ae82134ac74ea624d24effa33e9
SHA-256: 84141375125919f6ca62fab2cfc15ecb94c9e4c2bd3bb83c6cc87ce2eccf2a52
Size: 87.56 MB - dotnet-targeting-pack-7.0-7.0.7-1.el8.ML.1.x86_64.rpm
MD5: 2b460bb2c6dc21df375c9b9db5933fd8
SHA-256: 17c3c2b7f72bfd566b4e97cbc8bbeb9f884ad9c24f2c622e3e123105002d195c
Size: 2.86 MB - dotnet-templates-7.0-7.0.107-1.el8.ML.1.x86_64.rpm
MD5: 1b8b6e9a41bc8549257c456f8efd91ac
SHA-256: c101e86bd032960cfc2f986b34abb71d4d0ac6e88017eb40cb86e02e6a0058bb
Size: 2.86 MB - netstandard-targeting-pack-2.1-7.0.107-1.el8.ML.1.x86_64.rpm
MD5: bf7e7ad03d30cd06a72ac81aa1f7f382
SHA-256: 5649bee2c9dc630108b6229acb4b7e3963de4aa2e8bdc4d8a65473a9b47d0856
Size: 1.51 MB
日本語