Headline
RHSA-2022:8434: Red Hat Security Advisory: dotnet7.0 security, bug fix, and enhancement update
An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory
Synopsis
Moderate: dotnet7.0 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.
The following packages have been upgraded to a later upstream version: dotnet7.0 (7.0.100). (BZ#2134641)
Security Fix(es):
- dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Fixes
- BZ - 2132614 - CVE-2022-41032 dotnet: Nuget cache poisoning on Linux via world-writable cache directory
- BZ - 2134641 - Update .NET 7 to RC 2 [rhel-9.1.0.z]
Red Hat Enterprise Linux for x86_64 9
SRPM
dotnet7.0-7.0.100-0.5.rc2.el9_1.src.rpm
SHA-256: 4ccccc9905dcbb77a20d55393b56f5212833a5a1c52c31bc681df08de46b0f2f
x86_64
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 5350d356778de67216a4fc922b541b55a5f8bed794e8cf356141dcf6cffe7f65
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 4a44c32035b45612384838cc2765b0d4b65fc5a9b68b35aaee9b1f1674e34555
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 8663691cace4e10abe2848b618cdf08cc8f5a2b7ce83cc0f07af1aefb313659c
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: fc5bd6dd0fb38f714470de2160429a8dfc51256197ce9fe63a02f9a3ade3e4dd
dotnet-host-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: b65a83741a79d76cacf6d161f62a4c885361b0ee504c2dbec6f98e1a22fe03aa
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 367dd6cf3533aef6bab1d663405dc0d5a1407fe06e446a039db423deff3e1a8c
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 5abfdef77e7921e475c1e4d6466cf446f1c0d7d3a774b8d888361db21de2d785
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: b6d3707109fdb2ba853dda859b5321b042e8780d7675a23e2dda248e03d407bb
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 0676eeb6ac8fbc447a37e16d41827df8f2b4bff8b69cffaf8bc4e08c780436c6
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 38a12ab3416dbee9e3f7072190fd74cbaa0bc38c9ade70bf5a785a5dea0bf139
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: dfe45befee5481cbb1de22457a314338a3995eff6c7e111085c4bc7e9491ed0f
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 1b904a7d2064fab5870c65c61ea01448af8c1a41432575afeade1039daa76883
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: c18fb5e0f20e56219f68e2f41037c99af86fdad0d2f2813d28fa8098ffb7fce5
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 9c4404f9a6bb462ea07e965f9d376ac10811ccd504492f4da3f92ac103eab807
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 249771f1da92d23233e7cea832fbb7149331f74b0296e47b33fe4898af888959
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 9741bec7eefcbbae921ff54aec57d3920883a9da7dba02665a80a0cf39cd60c5
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 20222d501bcdef3f8a76efcb27136471c5ff4310710ccd4b7ba892b505630f0b
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
dotnet7.0-7.0.100-0.5.rc2.el9_1.src.rpm
SHA-256: 4ccccc9905dcbb77a20d55393b56f5212833a5a1c52c31bc681df08de46b0f2f
s390x
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: de2b6c9aa1014a6937dd64ed446600d79a98b08b1280a9c55f74e0f5777926f5
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 1367a55ba0cdc19fa2eaeee2790666537b911d927aa91f5f883807651cf022da
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 90dfeb5d08e8e21c6bc7c92f90888bc0b8d0f1404cd4eebac213fbd20eef39c9
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 4bf95feb547125c70a5cff45b1734e42f68e6db787df5730f843998e9bd7b27a
dotnet-host-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 3e531e351ed933c1049b40fb6c1390ce506df03b0b56beb19df882cbdc2f7d4d
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: abc283ba1635f2d07af072b7e59911bb06ec690642fc2732100825f89fa2a18d
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: e296e7c02cc9fc652367928badf62d18a82baf1059172f21d09dddc9c9be470a
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 490f5c8fe8f340f033285969d3b70b96f44180f783b26ff4423958f15abe9c60
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: b56d82571bf1d699006622902a29e1269f96d2f484d38a3b4fa91171f3243d57
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 06e2aec42097bb189a909e36359072c364870f850a2ed021f0543352d01855e1
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: 2588612416917ce130b09f5d0a7fd8831e991008b567695e995e989ded271a34
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: da2a4935d0b0b70abc75e7614a4ae3912b0865aa8dd26f0bbdc64b606e902d64
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 19e7067f8562e0bae5a2004055c41c27ce368c9ab78adf1ef72e6c7597069ab4
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: a4e6c6fc2eaea8093f1d22e794faf1395d6675b78290e56e0388ed3518d6c4da
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: 772e0dabac533fa08b1eb2dfca2ac2559832d930cb8fd95511cf74118950a7c9
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: bc9fb0fca768e014f015dacda5c855001d6256b739f199d05a2130fa4859f414
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: b378a38aa458a4bcafd89e4b21f54876a89bcd9ca48e097cedeb5380f3d4f7ae
Red Hat Enterprise Linux for Power, little endian 9
SRPM
dotnet7.0-7.0.100-0.5.rc2.el9_1.src.rpm
SHA-256: 4ccccc9905dcbb77a20d55393b56f5212833a5a1c52c31bc681df08de46b0f2f
ppc64le
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: df28f7327dec87cf8c0befe65353e5085313ef3f2ffed25763cbada2e6c523f2
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 26ab4a767ce39b5b4b05a5739afb0c1b8504787858ae239562d7027824f24e6c
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: ae531dda7b01cc6dba2d89265b7ef533d22787856357b4458b2af7eb5f62620d
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 61f9ec241a1292a3262dc813fb56c381ea3772cff913768fa612313228de1289
dotnet-host-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 6c432b562b5ae14379576acf2f6e1767045b7ca080b28d528e3b5d7a0e26ee11
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 864ea8f44ca9505bb8d778032fbfe8fe0ab9daa21c526833ef3f3db48a8dd604
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 2958466d137d60d3bf92928c4ba141edc0eff90e077da39e427019c7d031dcd1
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: c0d4c52901f764e5e34ff1cdb8e5e6c40d161243f15211b731207cf7cd7b394c
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 1b8fd38f17a13f5ae448748da087da8b002d2c2e24ab603e9126d950d6f879fd
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: f32755af0e0ffeec4369c819f293d2f59e1f3bdba1517798a51a84bb264bcac1
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 329cb4b994079e829804cff1b834a581596c942af23097a8329375df851e08ba
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 81bc02d5848c399825376986bd98b73c250ca7c482e30532434368bf28d25da1
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 7db71f3c0129ecb44bc1ec9e6629490e84b15dc2aec9c0c335dcc6e4bd265f3b
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 8cf43308acc5967d7d568e16247f675a6c17ace3eb1b0c1ebae1dd80b9742adb
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: d9bae091621935316313672415491347410bee8d826b4dc5b39bebd75b204185
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 0ec880ea75608714f2a7cee8f7196a297b1f2bc23a12b7e928deda869898c784
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 4dd83b8b45b508a8e7e912b7b1babffa9ba41338731dcbcd821a1fc99bd77562
Red Hat Enterprise Linux for ARM 64 9
SRPM
dotnet7.0-7.0.100-0.5.rc2.el9_1.src.rpm
SHA-256: 4ccccc9905dcbb77a20d55393b56f5212833a5a1c52c31bc681df08de46b0f2f
aarch64
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 9f98e4e3bb95b712e681f2bf2bfc1fc6490ecc4b24efd5039bb8fcfe97936de6
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 7e86cffa4013a84c2410f46edc8e03cfc8bd896588a4f9319737d861d427c54d
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d473bede235e6f330a03d8d34c3712e5a022ade68a11595709a5c2923867b6eb
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d7e3f09bec3c27873e46e0ad2a441df8a401c0c7554f826aafbd606aff8e0bf8
dotnet-host-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d321da1cda4df264132ec1098f426e4a78e30fcf8cb181aed5c703430c96528c
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: dfc2dc0ecb133b1c7233c2356518d0f9d6f32447d2fce3a0c172755a51ca7cc1
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 40dbb915573ff0cec8809a9335d6cd7acb818a6dd34534127648309fd5c85ae2
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 940db9721d619db60185b898b6619819b4be42330cae9c4ba074ef460b7512f8
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 493ed53501c387fcc39bba20304486fa6c19102b5126f01e5e3845d42421f170
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: b5f5d2d7fbdc723a8fb56793650da1e168f5c054caa45bc05cca9604bd198f4b
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 8e4998eeee9ec164daaebd2c9a0a8411e95d1f741d240e6983ebc3cc5b0180e5
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 708b428b2679ec462759990982ea8d95f137e566d42650b270df325bc4619c9c
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: fca8c3c209ac65e0a7f1db65c5940f55a98d52b9f69cbb8e3a1a39a8c33c0fa1
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d61965033a7081bff1958621b7b46f953caba8befa4d2d41e15a7c92b899494f
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d1c9150e1f3352fd72b63ad8c7777a9ebf95c030f72c7df7aa3a7eb353ae3e7f
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 88ae8b5267b065349f9ce0e88ef16ceb09e5afc666503e204cc96a44d6b025b1
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 3ef09e3db2d036412912d2dc0f2038616a893cf7de8f8272e3d6961e76c89555
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: fc5bd6dd0fb38f714470de2160429a8dfc51256197ce9fe63a02f9a3ade3e4dd
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 367dd6cf3533aef6bab1d663405dc0d5a1407fe06e446a039db423deff3e1a8c
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: b6d3707109fdb2ba853dda859b5321b042e8780d7675a23e2dda248e03d407bb
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 38a12ab3416dbee9e3f7072190fd74cbaa0bc38c9ade70bf5a785a5dea0bf139
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 1b904a7d2064fab5870c65c61ea01448af8c1a41432575afeade1039daa76883
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: ba00525fb1748b21bdb2679737e9c8828b0d422ea9b2821c9420ba70b297eea4
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 249771f1da92d23233e7cea832fbb7149331f74b0296e47b33fe4898af888959
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.x86_64.rpm
SHA-256: 9741bec7eefcbbae921ff54aec57d3920883a9da7dba02665a80a0cf39cd60c5
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 61f9ec241a1292a3262dc813fb56c381ea3772cff913768fa612313228de1289
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 864ea8f44ca9505bb8d778032fbfe8fe0ab9daa21c526833ef3f3db48a8dd604
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: c0d4c52901f764e5e34ff1cdb8e5e6c40d161243f15211b731207cf7cd7b394c
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: f32755af0e0ffeec4369c819f293d2f59e1f3bdba1517798a51a84bb264bcac1
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 81bc02d5848c399825376986bd98b73c250ca7c482e30532434368bf28d25da1
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: b8ff023aa6f8b322301a260128b073b066f406d9e54e1f57ce54dccd9ed3b40c
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: d9bae091621935316313672415491347410bee8d826b4dc5b39bebd75b204185
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
SHA-256: 0ec880ea75608714f2a7cee8f7196a297b1f2bc23a12b7e928deda869898c784
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d7e3f09bec3c27873e46e0ad2a441df8a401c0c7554f826aafbd606aff8e0bf8
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: dfc2dc0ecb133b1c7233c2356518d0f9d6f32447d2fce3a0c172755a51ca7cc1
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 940db9721d619db60185b898b6619819b4be42330cae9c4ba074ef460b7512f8
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm
SHA-256: b5f5d2d7fbdc723a8fb56793650da1e168f5c054caa45bc05cca9604bd198f4b
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 708b428b2679ec462759990982ea8d95f137e566d42650b270df325bc4619c9c
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 1fa8b20d48dbe79b6d0714fc6f35cf7ba1e2c58b27d599c21aa7a5716064a8bc
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: d1c9150e1f3352fd72b63ad8c7777a9ebf95c030f72c7df7aa3a7eb353ae3e7f
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.aarch64.rpm
SHA-256: 88ae8b5267b065349f9ce0e88ef16ceb09e5afc666503e204cc96a44d6b025b1
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 4bf95feb547125c70a5cff45b1734e42f68e6db787df5730f843998e9bd7b27a
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: abc283ba1635f2d07af072b7e59911bb06ec690642fc2732100825f89fa2a18d
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 490f5c8fe8f340f033285969d3b70b96f44180f783b26ff4423958f15abe9c60
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm
SHA-256: 06e2aec42097bb189a909e36359072c364870f850a2ed021f0543352d01855e1
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: da2a4935d0b0b70abc75e7614a4ae3912b0865aa8dd26f0bbdc64b606e902d64
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: 956b3abbf635230aa8e6aa584635286bbb078b9d9c56a08bb6eefea6ec60318d
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: 772e0dabac533fa08b1eb2dfca2ac2559832d930cb8fd95511cf74118950a7c9
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.s390x.rpm
SHA-256: bc9fb0fca768e014f015dacda5c855001d6256b739f199d05a2130fa4859f414
Related news
Red Hat Security Advisory 2022-8434-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.
An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory
Red Hat Security Advisory 2022-6915-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10.
Red Hat Security Advisory 2022-6914-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.424 and .NET Runtime 3.1.30.
Red Hat Security Advisory 2022-6912-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.424 and .NET Runtime 3.1.30.
Red Hat Security Advisory 2022-6911-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10.
Ubuntu Security Notice 5670-1 - Edward Thomson discovered that .NET 6 incorrectly handled permissions for local NuGet cache. A local attacker could possibly use this issue to execute arbitrary code.
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory
## Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0.0-rc, .NET 6.0, .NET Core 3.1, and NuGet (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol). This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 7.0.0-rc.1, .NET 6.0, .NET Core 3.1, and NuGet clients (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol) where a malicious actor could cause a user to execute arbitrary code. ## Affected software ### NuGet & NuGet Packages - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.3.0 version or earlier. - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.2.1 version or earlier. - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.0.2 version or earlier. - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 5.11.2 version or earlier. - Any NuGe...