-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: .NET 6.0 security, bug fix, and enhancement update Advisory ID: RHSA-2023:3581-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:3581 Issue date: 2023-06-14 CVE Names: CVE-2023-24936 CVE-2023-29331 CVE-2023-29337 CVE-2023-33128 ===================================================================== 1. Summary: An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 9) - aarch64, s390x, x86_64 3. Description: .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.118). (BZ#2212379) Security Fix(es): * dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331) * dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337) * dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128) * dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2192438 - CVE-2023-24936 dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML 2212617 - CVE-2023-29331 dotnet: .NET Kestrel: Denial of Service processing X509 Certificates 2212618 - CVE-2023-33128 dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption 2213703 - CVE-2023-29337 dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): Source: dotnet6.0-6.0.118-1.el9_2.src.rpm aarch64: aspnetcore-runtime-6.0-6.0.18-1.el9_2.aarch64.rpm aspnetcore-targeting-pack-6.0-6.0.18-1.el9_2.aarch64.rpm dotnet-apphost-pack-6.0-6.0.18-1.el9_2.aarch64.rpm dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el9_2.aarch64.rpm dotnet-hostfxr-6.0-6.0.18-1.el9_2.aarch64.rpm dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el9_2.aarch64.rpm dotnet-runtime-6.0-6.0.18-1.el9_2.aarch64.rpm dotnet-runtime-6.0-debuginfo-6.0.18-1.el9_2.aarch64.rpm dotnet-sdk-6.0-6.0.118-1.el9_2.aarch64.rpm dotnet-sdk-6.0-debuginfo-6.0.118-1.el9_2.aarch64.rpm dotnet-targeting-pack-6.0-6.0.18-1.el9_2.aarch64.rpm dotnet-templates-6.0-6.0.118-1.el9_2.aarch64.rpm dotnet6.0-debuginfo-6.0.118-1.el9_2.aarch64.rpm dotnet6.0-debugsource-6.0.118-1.el9_2.aarch64.rpm s390x: aspnetcore-runtime-6.0-6.0.18-1.el9_2.s390x.rpm aspnetcore-targeting-pack-6.0-6.0.18-1.el9_2.s390x.rpm dotnet-apphost-pack-6.0-6.0.18-1.el9_2.s390x.rpm dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el9_2.s390x.rpm dotnet-hostfxr-6.0-6.0.18-1.el9_2.s390x.rpm dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el9_2.s390x.rpm dotnet-runtime-6.0-6.0.18-1.el9_2.s390x.rpm dotnet-runtime-6.0-debuginfo-6.0.18-1.el9_2.s390x.rpm dotnet-sdk-6.0-6.0.118-1.el9_2.s390x.rpm dotnet-sdk-6.0-debuginfo-6.0.118-1.el9_2.s390x.rpm dotnet-targeting-pack-6.0-6.0.18-1.el9_2.s390x.rpm dotnet-templates-6.0-6.0.118-1.el9_2.s390x.rpm dotnet6.0-debuginfo-6.0.118-1.el9_2.s390x.rpm dotnet6.0-debugsource-6.0.118-1.el9_2.s390x.rpm x86_64: aspnetcore-runtime-6.0-6.0.18-1.el9_2.x86_64.rpm aspnetcore-targeting-pack-6.0-6.0.18-1.el9_2.x86_64.rpm dotnet-apphost-pack-6.0-6.0.18-1.el9_2.x86_64.rpm dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el9_2.x86_64.rpm dotnet-hostfxr-6.0-6.0.18-1.el9_2.x86_64.rpm dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el9_2.x86_64.rpm dotnet-runtime-6.0-6.0.18-1.el9_2.x86_64.rpm dotnet-runtime-6.0-debuginfo-6.0.18-1.el9_2.x86_64.rpm dotnet-sdk-6.0-6.0.118-1.el9_2.x86_64.rpm dotnet-sdk-6.0-debuginfo-6.0.118-1.el9_2.x86_64.rpm dotnet-targeting-pack-6.0-6.0.18-1.el9_2.x86_64.rpm dotnet-templates-6.0-6.0.118-1.el9_2.x86_64.rpm dotnet6.0-debuginfo-6.0.118-1.el9_2.x86_64.rpm dotnet6.0-debugsource-6.0.118-1.el9_2.x86_64.rpm Red Hat Enterprise Linux CRB (v. 9): aarch64: dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el9_2.aarch64.rpm dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el9_2.aarch64.rpm dotnet-runtime-6.0-debuginfo-6.0.18-1.el9_2.aarch64.rpm dotnet-sdk-6.0-debuginfo-6.0.118-1.el9_2.aarch64.rpm dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el9_2.aarch64.rpm dotnet6.0-debuginfo-6.0.118-1.el9_2.aarch64.rpm dotnet6.0-debugsource-6.0.118-1.el9_2.aarch64.rpm s390x: dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el9_2.s390x.rpm dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el9_2.s390x.rpm dotnet-runtime-6.0-debuginfo-6.0.18-1.el9_2.s390x.rpm dotnet-sdk-6.0-debuginfo-6.0.118-1.el9_2.s390x.rpm dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el9_2.s390x.rpm dotnet6.0-debuginfo-6.0.118-1.el9_2.s390x.rpm dotnet6.0-debugsource-6.0.118-1.el9_2.s390x.rpm x86_64: dotnet-apphost-pack-6.0-debuginfo-6.0.18-1.el9_2.x86_64.rpm dotnet-hostfxr-6.0-debuginfo-6.0.18-1.el9_2.x86_64.rpm dotnet-runtime-6.0-debuginfo-6.0.18-1.el9_2.x86_64.rpm dotnet-sdk-6.0-debuginfo-6.0.118-1.el9_2.x86_64.rpm dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el9_2.x86_64.rpm dotnet6.0-debuginfo-6.0.118-1.el9_2.x86_64.rpm dotnet6.0-debugsource-6.0.118-1.el9_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-24936 https://access.redhat.com/security/cve/CVE-2023-29331 https://access.redhat.com/security/cve/CVE-2023-29337 https://access.redhat.com/security/cve/CVE-2023-33128 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZIm2/dzjgjWX9erEAQigiw//YIhz5xWveUTQzAldEmzdklp5q5bStX4k NP9Fm/kQctCmd+t4GuSae7vRMj6bPHKmTDFdi8Q4V9nTipdvX3uWcXv93Zjj2EW5 kjE1TyToMDZN+Aff+5tlhQrajRvWh3XkyiUUXCErMCu9LwuTKMklvQFvH7Mkg3/W zcwnTS4aF2pBgPZdpYEUlOzypqwVkKjq57o1Hjh8r0rIANpgqzq3dRQr6IZK2i0y 0mAQKP/pefQjNrmKNKK1ozV5mE1MCp/e5uWmBJ3oDDvjXXFORZR9rqgySC+Ufj4U 3kFblqEsYfHyH6CBOZNKlXIrWtLnXzIMMnUilXf2u/HUyT0fZM8FZWyo4J9drOrh Vsh4Ph6sqpmp3bnhqTdXAohb+u4SwfQp2BAqm9pa2/0I6f96m/xKNR2CooASEp/j 6ZgnkEgdiA5vf5p7yl0cWt7piFoKAUjvFiUolDIZa5KgvnYiFQW8Mr5Dps3I4CIM nqvqpPqvTufdYqTO2Xj0YWPbo0E+AjbueJMMf8X3qOn7u148uO8qWmxsFvOUMUxi 5L7e9/OwIQFnMHpDHX35i0Qj+wPzgS+NMdR1H3uIXYLOUGTHRweYjNwyI76YUdbN /EqyX1f+51L5Pe+qf9MFw3nUqdabKsQURj6Dpl1ZLziQGFDGBdc8+5t+zloOw9ys Z54C9C0J6zM= =FWd2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce