(RHSA-2020:2988) Critical: .NET Core security and bugfix update

ID RHSA-2020:2988
Type redhat
Reporter RedHat
Modified 2020-07-16T23:12:38


.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516.

Security Fix(es):

  • .NET Core: XML source markup processing remote code execution (CVE-2020-1147)

Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.