Lucene search

RedHatRHSA-2022:8434

HistoryNov 15, 2022 - 3:35 p.m.

(RHSA-2022:8434) Moderate: dotnet7.0 security, bug fix, and enhancement update

2022-11-1515:35:40

access.redhat.com

.net framework

security vulnerability

update

cve-2022-41032

linux

cvss score

nuget cache poisoning

0.0005 Low

EPSS

Percentile

19.0%

JSON

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.

The following packages have been upgraded to a later upstream version: dotnet7.0 (7.0.100). (BZ#2134641)

Security Fix(es):

dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9ppc64ledotnet-sdk-7.0-debuginfo< 7.0.100-0.5.rc2.el9_1dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
RedHat9aarch64aspnetcore-runtime-7.0< 7.0.0-0.5.rc2.el9_1aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
RedHat9x86_64dotnet-sdk-7.0-debuginfo< 7.0.100-0.5.rc2.el9_1dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm
RedHat9x86_64dotnet-host-debuginfo< 7.0.0-0.5.rc2.el9_1dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
RedHat9s390xdotnet-hostfxr-7.0< 7.0.0-0.5.rc2.el9_1dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
RedHat9s390xdotnet-templates-7.0< 7.0.100-0.5.rc2.el9_1dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.s390x.rpm
RedHat9ppc64ledotnet-runtime-7.0-debuginfo< 7.0.0-0.5.rc2.el9_1dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
RedHat9aarch64dotnet7.0-debuginfo< 7.0.100-0.5.rc2.el9_1dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm
RedHat9x86_64aspnetcore-runtime-7.0< 7.0.0-0.5.rc2.el9_1aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
RedHat9aarch64dotnet-targeting-pack-7.0< 7.0.0-0.5.rc2.el9_1dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	ppc64le	dotnet-sdk-7.0-debuginfo	< 7.0.100-0.5.rc2.el9_1	dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm
RedHat	9	aarch64	aspnetcore-runtime-7.0	< 7.0.0-0.5.rc2.el9_1	aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm
RedHat	9	x86_64	dotnet-sdk-7.0-debuginfo	< 7.0.100-0.5.rc2.el9_1	dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm
RedHat	9	x86_64	dotnet-host-debuginfo	< 7.0.0-0.5.rc2.el9_1	dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm
RedHat	9	s390x	dotnet-hostfxr-7.0	< 7.0.0-0.5.rc2.el9_1	dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm
RedHat	9	s390x	dotnet-templates-7.0	< 7.0.100-0.5.rc2.el9_1	dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.s390x.rpm
RedHat	9	ppc64le	dotnet-runtime-7.0-debuginfo	< 7.0.0-0.5.rc2.el9_1	dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm
RedHat	9	aarch64	dotnet7.0-debuginfo	< 7.0.100-0.5.rc2.el9_1	dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm
RedHat	9	x86_64	aspnetcore-runtime-7.0	< 7.0.0-0.5.rc2.el9_1	aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm
RedHat	9	aarch64	dotnet-targeting-pack-7.0	< 7.0.0-0.5.rc2.el9_1	dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm

Rows per page:

1-10 of 721

0.0005 Low

EPSS

Percentile

19.0%

JSON

Related for RHSA-2022:8434