Fedora Linux 8812 Published by

A dotnet6.0 security update has been released for Fedora 37.



SECURITY: Fedora 37 Update: dotnet6.0-6.0.110-2.fc37


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-2c37647a9c
2022-11-20 01:22:45.004923
--------------------------------------------------------------------------------

Name : dotnet6.0
Product : Fedora 37
Version : 6.0.110
Release : 2.fc37
URL :   https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the October 2022 monthly update for .NET 6. It updates the SDK to
6.0.110 and the Runtime to 6.0.10. This update includes a fix for CVE
2022-41032
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 31 2022 Omair Majid - 6.0.110-2
- Set OPENSSL_ENABLE_SHA1_SIGNATURES=1 when building
* Fri Oct 28 2022 Omair Majid - 6.0.110-1
- Update to .NET SDK 6.0.110 and Runtime 6.0.10
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2133875 - CVE-2022-41032 dotnet6.0: dotnet: Nuget cache poisoning on Linux via world-writable cache directory [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2133875
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-2c37647a9c' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________