[ubuntu/plucky-security] dotnet8 8.0.121-8.0.21-0ubuntu1~25.04.1 (Accepted)
Ian Constantin
ian.constantin at canonical.com
Tue Oct 14 17:17:27 UTC 2025
dotnet8 (8.0.121-8.0.21-0ubuntu1~25.04.1) plucky; urgency=medium
* New upstream release
* SECURITY UPDATE: denial of service
- CVE-2025-55247: A vulnerability exists in .NET Core where predictable
paths for MSBuild's temporary directories on Linux let another user
create the directories ahead of MSBuild, leading to DoS of builds.
* SECURITY UPDATE: validation bypass
- CVE-2025-55315: Inconsistent interpretation of http requests
('http request/response smuggling') in ASP.NET Core allows an authorized
attacker to bypass a security feature over a network.
* SECURITY UPDATE: information disclosure
- CVE-2025-55248: MITM (man in the middle) attacker may prevent use of TLS
between client and SMTP server, forcing client to send data over
unencrypted connection.
* eng/test-runner: sync changes with upstream
* tests/control, tests/regular-tests: sync changes with upstream
* debian/rules: use release.json manifest instead of legacy text file
dotnet8 (8.0.120-8.0.20-0ubuntu1~25.04.1) plucky; urgency=medium
* New upstream release (LP: #2122356)
dotnet8 (8.0.119-8.0.19-0ubuntu1~25.04.1) plucky; urgency=medium
* New upstream release (LP: #2119537)
dotnet8 (8.0.118-8.0.18-0ubuntu1~25.04.1) plucky; urgency=medium
* New upstream release (LP: #2115829)
Date: 2025-10-08 13:47:12.628161+00:00
Changed-By: Dominik Viererbe <dominik.viererbe at canonical.com>
Signed-By: Ian Constantin <ian.constantin at canonical.com>
https://launchpad.net/ubuntu/+source/dotnet8/8.0.121-8.0.21-0ubuntu1~25.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list