(RHSA-2020:2475) Important: .NET Core on Red Hat Enterprise Linux 7 security update

2020-06-10T13:19:59
ID RHSA-2020:2475
Type redhat
Reporter RedHat
Modified 2020-06-10T13:51:55

Description

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.105 and .NET Core Runtime 3.1.5.

Security Fix(es):

  • dotnet: Denial of service via untrusted input (CVE-2020-1108)

This is an additional update to comprehensively address CVE-2020-1108.

Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.