Publishing details
Changelog
dotnet6 (6.0.121-0ubuntu1) mantic; urgency=medium
* New upstream release.
* SECURITY UPDATE: remote code exection
- CVE-2023-35390: When running some dotnet commands(e.g. dotnet help
add), dotnet attempts to locate and initiate a new process using
cmd.exe. However, it prioritizes searching for cmd.exe in the current
working directory (CWD) before checking other locations. This can
potentially lead to the execution of malicious code.
* SECURITY UPDATE: denial of service
- CVE-2023-38178: ASP.NET Kestrel stream flow control issue causing a
leak. A malicious QUIC client, that fires off many unidirectional
streams with closed writing sides. This will bypass the HTTP/3 stream
limit and Kestrel cannot keep up with stream processing.
* SECURITY UPDATE: denial of service
- CVE-2023-38180: Kestrel vulnerability to slow read attacks
-- Nishit Majithia <email address hidden> Wed, 02 Aug 2023 13:18:55 +0530
Builds
Built packages
-
aspnetcore-runtime-6.0
ASP dotNET Core runtime
-
aspnetcore-targeting-pack-6.0
Internal - targeting pack for Microsoft.AspNetCore.App 6.0
-
dotnet-apphost-pack-6.0
Internal - targeting pack for Microsoft.NETCore.App 6.0
-
dotnet-apphost-pack-6.0-dbgsym
debug symbols for dotnet-apphost-pack-6.0
-
dotnet-host
dotNET host command line
-
dotnet-host-dbgsym
debug symbols for dotnet-host
-
dotnet-hostfxr-6.0
dotNET host resolver
-
dotnet-hostfxr-6.0-dbgsym
debug symbols for dotnet-hostfxr-6.0
-
dotnet-runtime-6.0
dotNET runtime
-
dotnet-runtime-6.0-dbgsym
debug symbols for dotnet-runtime-6.0
-
dotnet-sdk-6.0
dotNET 6.0 Software Development Kit
-
dotnet-sdk-6.0-dbgsym
debug symbols for dotnet-sdk-6.0
-
dotnet-sdk-6.0-source-built-artifacts
Internal package for building dotNet 6.0 Software Development Kit
-
dotnet-targeting-pack-6.0
Internal - targeting pack for Microsoft.NETCore.App 6.0
-
dotnet-templates-6.0
dotNET 6.0 templates
-
dotnet6
dotNET CLI tools and runtime
-
netstandard-targeting-pack-2.1
Internal - targeting pack for NETStandard.Library 2.1
Package files