Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:7826: Red Hat Security Advisory: dotnet7.0 security, bug fix, and enhancement update

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory
Red Hat Security Data
#vulnerability#linux#red_hat#ibm

Synopsis

Moderate: dotnet7.0 security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.

The following packages have been upgraded to a later upstream version: dotnet7.0 (7.0.100). (BZ#2134642).

Security Fix(es):

  • dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2132614 - CVE-2022-41032 dotnet: Nuget cache poisoning on Linux via world-writable cache directory
  • BZ - 2134642 - Update .NET 7 to RC 2 [rhel-8.7.0.z]

Red Hat Enterprise Linux for x86_64 8

SRPM

dotnet7.0-7.0.100-0.4.rc2.el8_7.src.rpm

SHA-256: c81fd940d7e1108d872fddd88e1507aec57825735c3e12d21a5f118fa2f03754

x86_64

aspnetcore-runtime-7.0-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: d048f075031f7469cacbc5053c614faf8f67428e79b414ecbc4ae177f3592e30

aspnetcore-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 593596aa401e181d4a081394c1f059f8d9f694e602e1f462a6c4524fecbc72f2

dotnet-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: eebc65934e3814516a7e282cf83cba316fefb44acf368a6fdbae3ad8c6947b49

dotnet-apphost-pack-7.0-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 3234d3b30d639db797e068814cc7c3881d28e33cd597c9586a518d57ddc9ce4c

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: f325aa9bc552361101c63f4680aba64c1556bdf340db2ff975fadeedb7696b22

dotnet-host-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: c85819cbec77aeca9c6c675d2aa5435513ae7f5f343bfb74950f4cf51bc8a049

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: e283b95fa9c6a9d7716be141adb19c61e23b3cad1a12cee6b4c238c4fce1d4ce

dotnet-hostfxr-7.0-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 94fd19d5bd59240d0a2999a61fe03394efbc588dd17cf625a701ef0c8eb4c840

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 740215fb3e0219dc0aab9802b38ca1ef18b65dc731d224da6cc9b2c01d49a4bd

dotnet-runtime-7.0-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 2d09e0b1b0c17ac56021e81bdd5069fa895ba1e8265d51817c71d51242330d23

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 3a59f61da2bc32d634e0549854a4fed00c7522d3b0a81c1fa9d514fcebab627d

dotnet-sdk-7.0-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: acb6df28132084a5ce4e652ae8261b04182b43317c552d02604a70f40efa60b4

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 8085305404fe368641e4f79e32916909eb9a230b1ee066bccd3bbf139a634ef6

dotnet-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 4dbb1d895983e5b61de87650511e8cad3ab673f99501f60ce5564031eef601e9

dotnet-templates-7.0-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 772646ca83c8a14d62fe7916f12e656ad3ee409195d7dd3498ac8b11ee52fb81

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 6a7e4b02e11156f07a10f3cdb062e7e2dd2c68482eaefa7e851e67caab5719c5

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 6fe95eb5cd46162cbd2ea8d8f638b6407e54131e3ed11faf7046142f90a53a28

netstandard-targeting-pack-2.1-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 4a7e8f3c96ebb9d47e3abe22afd1e95e4153da91f443adb4a0cbe45f6e39e80b

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

dotnet7.0-7.0.100-0.4.rc2.el8_7.src.rpm

SHA-256: c81fd940d7e1108d872fddd88e1507aec57825735c3e12d21a5f118fa2f03754

s390x

aspnetcore-runtime-7.0-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: be3c1aa1814e614c5943dff048ce4bd56b746a670645965881b0f7a329cf29c4

aspnetcore-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: a2eff04a4c45b321c20bab7d4e6fa6827518d6a87a08ac99f755c10d26a7496c

dotnet-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 24ba066c69e165579d659b54eff64b7d2765719ae0688f4a0240aa2443f352ce

dotnet-apphost-pack-7.0-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 842bf62b7cef56752b94bc35310ba374c99c48e971014aae8f921e8e9ffc607e

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 3c3a2cf0807e547d30198d0a0dfff8d17c5a5a41af87dd47468344c1fa103da4

dotnet-host-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 966dbb4405293d75f583b19a796a1256e20afd4206b8dae59648ededd2787e16

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 0f673f89bac462f0e15a40a46af09d23181f118b5bc546b3bbe16672a3cfefb7

dotnet-hostfxr-7.0-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 90f9924f542439849384db994c2bf7b5b532d8cf4a09856969e70d8474166a30

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 30c7062ea147ef0deb12c061a2d756c46ce6718f1bdaf8561fe2995777776af0

dotnet-runtime-7.0-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 2a3cd569a46e45938d4c97fad98dc17454cb7fad66aef05ade64e145a4d564cc

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 9f8a5f675acc1b59eaa54d20a930cc64fb53c0027bc4f465efb01f719e9a605e

dotnet-sdk-7.0-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: dee1e763bd38a7722596f2ba5e15e908bdac98375e7d3f0b4f27009f0317739d

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 3ca6e684c1d94eb6d2ceb3d07c3f79301353fb9f3c3902787358cac202624b9d

dotnet-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 49efaba30e9f2fff90fa654495e617b28a0f82358e97e1dead9f6c7bf74ee12c

dotnet-templates-7.0-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 9aaff2448d568447a51604eacd9a124413421702e020a24ba80d45b6698088b9

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 7e75a542bc90edd5d03dde2c4384ab4818c9d9c819c5c9d5dd0a078df5d9b07c

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 88a2360f49ae9167b35c4744815c0cd2def2d50eba5aa25bf5cce322ba8e24ff

netstandard-targeting-pack-2.1-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 9b21b791b9ec0553deea177eacbd15dba147a3871de8aa4f9d4171441936d413

Red Hat Enterprise Linux for Power, little endian 8

SRPM

dotnet7.0-7.0.100-0.4.rc2.el8_7.src.rpm

SHA-256: c81fd940d7e1108d872fddd88e1507aec57825735c3e12d21a5f118fa2f03754

ppc64le

aspnetcore-runtime-7.0-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: e7804749e230e6485a83a3522da69665bfceedcb5b9cd19f546b8dd4cd42aff8

aspnetcore-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 47d7500bebf51f780a74cf7a27a627ffdb4ce2d0f627305226799c0dd490b1e8

dotnet-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 9bd0892f7a6ba503667fd6f102ac9cd3a1a747640b64267029fb283e0a481275

dotnet-apphost-pack-7.0-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: a89e8000d12fbd20bf5fd7786ac5cffe9a9d0a05a03d313a88ec0d06946339f4

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: e47c6c92ea6db0ed41a06c58a379d2ca18b6973db0c88e0f92db15e177c22f2e

dotnet-host-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 1de43a5a1e5293de8e1ca8ba61eb45bac53975f62e791a46caf7503b2a7ed87a

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 0747a8d6a2e8143a4f583fb6e9f24f06d13af7ec56c77fc83813582dc452e9a8

dotnet-hostfxr-7.0-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 94581321c27f919467396dfb581a808b189f3b897bfa7bd487d1e1b689bd6ec0

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: e4f7343df6556d5e3cae4e9910a02c4f6ad41aa9e7fa0d711d5e3fe9c038607e

dotnet-runtime-7.0-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 674dfb5f8a58a2761fe4c298563387b6ad3b6082c04b902b3b60c3ff8a2c38f9

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: f3dfda9e615e51612c377e706cf4b1aa64795b2339fe94f96312a097c26e3ce9

dotnet-sdk-7.0-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 8be511ac1a429724089dbb1df7212b1e28f59ee381b5bd23bad055a372211f9a

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 745b688a027a23ac9a09817cf3738bebb0c3f3bdd9a77757bcf109de374e113e

dotnet-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 16453b4152ab8098265594d71165c3c8a3a6f709a34fcee4cc8da0c51baba35c

dotnet-templates-7.0-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 6ae328683a61a7406ec2ec7cf58c990cbc8e7284c062907c89a786955110bcab

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 3e774a6f5bd9f4f12aa1fb751c8b41e41bcdd3694636ff51886d1e6ad0fb812d

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: a311234c81fdf4813e7a9756aee2fff7ade4c4e7a56d0eb9dbdbaffb3a9b91e2

netstandard-targeting-pack-2.1-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 81eeb56c0997baf1c6333535c0a5a4eee8891d977938cece4415c250f21410e3

Red Hat Enterprise Linux for ARM 64 8

SRPM

dotnet7.0-7.0.100-0.4.rc2.el8_7.src.rpm

SHA-256: c81fd940d7e1108d872fddd88e1507aec57825735c3e12d21a5f118fa2f03754

aarch64

aspnetcore-runtime-7.0-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 8faf91209d5ec9c25d920885101c7619ee5fadc5733ffa23e433c43570cb8e8c

aspnetcore-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: cbbb138eb1d3397b8725a13acfe17e4695ff6d72c24a96df636bccf50e56ef0b

dotnet-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: b4c7dddc560b2f74c0d85c38bd69c35da02794c14927a5294ecbcd1f463a2b72

dotnet-apphost-pack-7.0-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: f170e5e76c83a130f21cabf9b1093cd75db0738acbf15821c7450eb3643c9a9f

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: a0f32b57f19abe335c7e66279e116359b776d632e6e581fbd59f75a958af890a

dotnet-host-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: a2644ad6ff2252be0f4da550c9eb9b2675e0113ad71f2e107662635fc9285a60

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 7414f32e0460db5fa9a10338e4af1b6da522fc48ada12d712fbb048e4ac2c27f

dotnet-hostfxr-7.0-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 742c4195c6a74ad50aa5c28bde6cdd9f4e5526179224e99298cbd37fc209dd42

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 4984c6fd0b6c7223c11512055e04c3ca102c196f64768c1e656540858f08589b

dotnet-runtime-7.0-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 32b1f62cb93ba487ebdd1c277353d59fd14953cdc8e5db9054ea9e89cb4a67e6

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: edd9433c18dd0f88c4b3fed73a1471e69b28b2ffbdb782b793523620017fb825

dotnet-sdk-7.0-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 97e892fd7907a7c24ab382298f2fb9ebc96a12093a185d22452df2d1f9275e79

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 07f8092910b10bdefc85db09e5051774758972cd91cb4705f27af39725f81eff

dotnet-targeting-pack-7.0-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 8224e47769e2d1db968d3a1345e07c349c9dbadf8f6e28d96fd082726469b661

dotnet-templates-7.0-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 7cb0b47736a19858decee9a0442a635df2fd84b208a11f964b4e1bf4461cca62

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 9fc7391dd4f11b74c8cf73c9b3fed54e068978a69bfd2cdd429c69177de37a05

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: dec39312153eafa5083fb78126fedb5a73f93652b670d4b8c9badbe91cc5a70d

netstandard-targeting-pack-2.1-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 27c52d403be9fa1e17c867d822f693f1794cc165adfb4d12ed96ef15c59b046d

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: f325aa9bc552361101c63f4680aba64c1556bdf340db2ff975fadeedb7696b22

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: e283b95fa9c6a9d7716be141adb19c61e23b3cad1a12cee6b4c238c4fce1d4ce

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 740215fb3e0219dc0aab9802b38ca1ef18b65dc731d224da6cc9b2c01d49a4bd

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 3a59f61da2bc32d634e0549854a4fed00c7522d3b0a81c1fa9d514fcebab627d

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 8085305404fe368641e4f79e32916909eb9a230b1ee066bccd3bbf139a634ef6

dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 0565701ab1269cd545902bea3e47a4430b13a49681f272c9d461f6c6fef187fe

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 6a7e4b02e11156f07a10f3cdb062e7e2dd2c68482eaefa7e851e67caab5719c5

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.x86_64.rpm

SHA-256: 6fe95eb5cd46162cbd2ea8d8f638b6407e54131e3ed11faf7046142f90a53a28

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: e47c6c92ea6db0ed41a06c58a379d2ca18b6973db0c88e0f92db15e177c22f2e

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 0747a8d6a2e8143a4f583fb6e9f24f06d13af7ec56c77fc83813582dc452e9a8

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: e4f7343df6556d5e3cae4e9910a02c4f6ad41aa9e7fa0d711d5e3fe9c038607e

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: f3dfda9e615e51612c377e706cf4b1aa64795b2339fe94f96312a097c26e3ce9

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 745b688a027a23ac9a09817cf3738bebb0c3f3bdd9a77757bcf109de374e113e

dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 7416e5a834e7f3daff06167da01815241d7870f5606c1fa58602e31b7f423fea

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: 3e774a6f5bd9f4f12aa1fb751c8b41e41bcdd3694636ff51886d1e6ad0fb812d

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.ppc64le.rpm

SHA-256: a311234c81fdf4813e7a9756aee2fff7ade4c4e7a56d0eb9dbdbaffb3a9b91e2

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: a0f32b57f19abe335c7e66279e116359b776d632e6e581fbd59f75a958af890a

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 7414f32e0460db5fa9a10338e4af1b6da522fc48ada12d712fbb048e4ac2c27f

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 4984c6fd0b6c7223c11512055e04c3ca102c196f64768c1e656540858f08589b

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.aarch64.rpm

SHA-256: edd9433c18dd0f88c4b3fed73a1471e69b28b2ffbdb782b793523620017fb825

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 07f8092910b10bdefc85db09e5051774758972cd91cb4705f27af39725f81eff

dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: f248a76a8cdee91577c20f1af168d4609a51f192b46b72b31a7c048496b20588

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: 9fc7391dd4f11b74c8cf73c9b3fed54e068978a69bfd2cdd429c69177de37a05

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.aarch64.rpm

SHA-256: dec39312153eafa5083fb78126fedb5a73f93652b670d4b8c9badbe91cc5a70d

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 3c3a2cf0807e547d30198d0a0dfff8d17c5a5a41af87dd47468344c1fa103da4

dotnet-host-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 0f673f89bac462f0e15a40a46af09d23181f118b5bc546b3bbe16672a3cfefb7

dotnet-hostfxr-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 30c7062ea147ef0deb12c061a2d756c46ce6718f1bdaf8561fe2995777776af0

dotnet-runtime-7.0-debuginfo-7.0.0-0.4.rc2.el8_7.s390x.rpm

SHA-256: 9f8a5f675acc1b59eaa54d20a930cc64fb53c0027bc4f465efb01f719e9a605e

dotnet-sdk-7.0-debuginfo-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 3ca6e684c1d94eb6d2ceb3d07c3f79301353fb9f3c3902787358cac202624b9d

dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: f7ee3bad792768ad1d6fe62adee7245f3c16e1ddf8f9f0882461c20e738a51b8

dotnet7.0-debuginfo-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 7e75a542bc90edd5d03dde2c4384ab4818c9d9c819c5c9d5dd0a078df5d9b07c

dotnet7.0-debugsource-7.0.100-0.4.rc2.el8_7.s390x.rpm

SHA-256: 88a2360f49ae9167b35c4744815c0cd2def2d50eba5aa25bf5cce322ba8e24ff

Related news

Red Hat Security Advisory 2022-8434-01

Red Hat Security Advisory 2022-8434-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.

RHSA-2022:8434: Red Hat Security Advisory: dotnet7.0 security, bug fix, and enhancement update

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory

Red Hat Security Advisory 2022-6914-01

Red Hat Security Advisory 2022-6914-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.424 and .NET Runtime 3.1.30.

Red Hat Security Advisory 2022-6911-01

Red Hat Security Advisory 2022-6911-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10.

Red Hat Security Advisory 2022-6913-01

Red Hat Security Advisory 2022-6913-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10.

Ubuntu Security Notice USN-5670-1

Ubuntu Security Notice 5670-1 - Edward Thomson discovered that .NET 6 incorrectly handled permissions for local NuGet cache. A local attacker could possibly use this issue to execute arbitrary code.

RHSA-2022:6915: Red Hat Security Advisory: .NET 6.0 on RHEL 7 security and bugfix update

An update for .NET 6.0 is available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory

RHSA-2022:6911: Red Hat Security Advisory: .NET 6.0 security and bugfix update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory

RHSA-2022:6914: Red Hat Security Advisory: .NET Core 3.1 on RHEL 7 security and bugfix update

An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory

RHSA-2022:6913: Red Hat Security Advisory: .NET 6.0 security and bugfix update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41032: dotnet: Nuget cache poisoning on Linux via world-writable cache directory

GHSA-g3q9-xf95-8hp5: NuGet Elevation of Privilege Vulnerability

## Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0.0-rc, .NET 6.0, .NET Core 3.1, and NuGet (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol). This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 7.0.0-rc.1, .NET 6.0, .NET Core 3.1, and NuGet clients (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol) where a malicious actor could cause a user to execute arbitrary code. ## Affected software ### NuGet & NuGet Packages - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.3.0 version or earlier. - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.2.1 version or earlier. - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.0.2 version or earlier. - Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 5.11.2 version or earlier. - Any NuGe...

CVE-2022-41032

NuGet Client Elevation of Privilege Vulnerability.