[ubuntu/jammy-security] dotnet6 6.0.116-0ubuntu1~22.04.1 (Accepted)
Ian Constantin
ian.constantin at canonical.com
Tue Apr 11 17:21:19 UTC 2023
dotnet6 (6.0.116-0ubuntu1~22.04.1) jammy-security; urgency=medium
* New upstream release.
* SECURITY UPDATE: elevation of privilege
- CVE-2023-28260: AzureDevOps Elevation of Privilege - Dotnet CWD dll
hijack vuln.
dotnet6 (6.0.115-0ubuntu2~22.04.1) jammy; urgency=medium
* Backport dotnet 6.0.115 to jammy (LP: #2011807).
- debian/control: revert to libicu70
dotnet6 (6.0.115-0ubuntu2) lunar; urgency=medium
* d/p/add-kinetic-rids.patch: Added RIDs for ubuntu 22.10 kinetic.
- Based on the dropped d/p/66225runtime-fix-runtime-id.patch
from wfurt <tweinfurt at yahoo.com>.
dotnet6 (6.0.115-0ubuntu1) lunar; urgency=medium
* New upstream microrelease.
* d/p/66225runtime-fix-runtime-id.patch: Dropped.
dotnet6 (6.0.114-0ubuntu1) lunar; urgency=medium
* New upstream microrelease.
* d/control: Using libicu72.
* d/p/1501sdk-22373-portablerid.patch: Dropped.
* d/repack-dotnet-tarball.sh: New file. Repack MS tarball.
* d/rules: if-else for bootstrapping building versus normal one (as done
for dotnet7). Reenabling install_location file per architecture. Removing
unused commented lines for clarity.
* d/tests: Updating these to match the style of those in dotnet7.
dotnet6 (6.0.113-0ubuntu2) lunar; urgency=medium
* Rebuild against latest icu
dotnet6 (6.0.113-0ubuntu1) lunar; urgency=medium
* New upstream release.
* SECURITY UPDATE: denial of service
- CVE-2023-21538: Parsing an empty HTTP response as a JSON.NET JObject
causes a stack overflow and crashes a process.
Date: 2023-04-11 09:11:09.848208+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
https://launchpad.net/ubuntu/+source/dotnet6/6.0.116-0ubuntu1~22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list