USN-6362-1: .NET vulnerability

Packages

dotnet6 - dotNET CLI tools and runtime
dotnet7 - dotNET CLI tools and runtime

Details

Kevin Jones discovered that .NET did not properly process certain
X.509 certificates. An attacker could possibly use this issue to
cause a denial of service.

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

Ubuntu Release	Package Version
23.04 lunar	aspnetcore-runtime-6.0 – 6.0.122-0ubuntu1~23.04.1
	aspnetcore-runtime-7.0 – 7.0.111-0ubuntu1~23.04.1
	dotnet-host – 6.0.122-0ubuntu1~23.04.1
	dotnet-host-7.0 – 7.0.111-0ubuntu1~23.04.1
	dotnet-hostfxr-6.0 – 6.0.122-0ubuntu1~23.04.1
	dotnet-hostfxr-7.0 – 7.0.111-0ubuntu1~23.04.1
	dotnet-runtime-6.0 – 6.0.122-0ubuntu1~23.04.1
	dotnet-runtime-7.0 – 7.0.111-0ubuntu1~23.04.1
	dotnet-sdk-6.0 – 6.0.122-0ubuntu1~23.04.1
	dotnet-sdk-7.0 – 7.0.111-0ubuntu1~23.04.1
	dotnet6 – 6.0.122-0ubuntu1~23.04.1
	dotnet7 – 7.0.111-0ubuntu1~23.04.1
22.04 jammy	aspnetcore-runtime-6.0 – 6.0.122-0ubuntu1~22.04.1
	aspnetcore-runtime-7.0 – 7.0.111-0ubuntu1~22.04.1
	dotnet-host – 6.0.122-0ubuntu1~22.04.1
	dotnet-host-7.0 – 7.0.111-0ubuntu1~22.04.1
	dotnet-hostfxr-6.0 – 6.0.122-0ubuntu1~22.04.1
	dotnet-hostfxr-7.0 – 7.0.111-0ubuntu1~22.04.1
	dotnet-runtime-6.0 – 6.0.122-0ubuntu1~22.04.1
	dotnet-runtime-7.0 – 7.0.111-0ubuntu1~22.04.1
	dotnet-sdk-6.0 – 6.0.122-0ubuntu1~22.04.1
	dotnet-sdk-7.0 – 7.0.111-0ubuntu1~22.04.1
	dotnet6 – 6.0.122-0ubuntu1~22.04.1
	dotnet7 – 7.0.111-0ubuntu1~22.04.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

CVE-2023-36799

CVE-2023-36799

Packages

Details

Update instructions

Reduce your security exposure

References

Related notices