Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

Fedora 37: 2023-19283746cd Medium: python3.8 Denial of Service

fedora
Calendar Grey August 20, 2023
Dist Fedora Esm H88
August 2023 snapshot on Fedora's dotnet6.0 and dotnet7.0 focusing on resolving significant concerns and boosting performance.
This is the August 2023 update for .NET 6 and .NET 7

Summary

.NET is a fast, lightweight and modular platform for creating

cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web

applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of

framework libraries, an SDK containing compilers and a 'dotnet'

application to drive everything.

Update Information:

This is the August 2023 update for .NET 6 and .NET 7. Release Notes: - 7.0 SDK: - notes/7.0/7.0.10/7.0.110.md - 7.0 Runtime: -notes/7.0/7.0.10/7.0.10.md - 6.0 SDK: - notes/6.0/6.0.21/6.0.121.md - 6.0 Runtime: -notes/6.0/6.0.21/6.0.21.md

Topics%20covered

Topics Covered

security advisory critical software update Fedora remote code execution dotnet6.0

Change Log

* Tue Aug 8 2023 Omair Majid - 6.0.121-1 - Update to .NET SDK 6.0.121 and Runtime 6.0.21 * Wed Jul 19 2023 Fedora Release Engineering - 6.0.120-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References


[ 1 ] Bug #2230088 - CVE-2023-35390 dotnet7.0: dotnet: RCE under dotnet commands [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2230088 [ 2 ] Bug #2230089 - CVE-2023-35390 dotnet6.0: dotnet: RCE under dotnet commands [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2230089 [ 3 ] Bug #2230090 - CVE-2023-38180 dotnet6.0: dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2230090 [ 4 ] Bug #2230091 - CVE-2023-38180 dotnet7.0: dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2230091

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-25112489ab' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
medium
Lowest
Low
Medium
High
Critical

Name: dotnet6.0
Product: Fedora 37
Version: 6.0.121
Release: 1.fc37
URL: https://github.com/dotnet/
Summary: .NET Runtime and SDK

Topics%20covered

Topics Covered

security advisory critical software update Fedora remote code execution dotnet6.0

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here