[ubuntu/questing-updates] dotnet9 9.0.118-9.0.17-0ubuntu1~25.10.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Jun 11 09:09:01 UTC 2026
dotnet9 (9.0.118-9.0.17-0ubuntu1~25.10.1) questing-security; urgency=medium
[ Mateus Rodrigues de Morais ]
* New upstream release
* SECURITY UPDATE: arbitrary file write
- CVE-2026-45491: improper link resolution before file access
('link following') in .NET allows an unauthorized attacker to perform
local tampering.
* SECURITY UPDATE: denial of service
- CVE-2026-45591: Stack overflow DoS via deeply-nested MessagePack arrays.
Date: 2026-06-10 09:26:12.307824+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/dotnet9/9.0.118-9.0.17-0ubuntu1~25.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list