[ubuntu/questing-proposed] dotnet9 9.0.107-9.0.6-0ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jun 11 11:21:58 UTC 2025
dotnet9 (9.0.107-9.0.6-0ubuntu1) questing; urgency=medium
* New upstream release
* SECURITY UPDATE: remote code execution
- CVE-2025-30399: DLL Hijacking Remote Code Execution Vulnerability.
When using the Download File task in Microsoft.NETCore.App.Runtime,
omitting the DestinationFileName in the task invocation may expose
users to remote file hijacking if the server is malicious.
Date: 2025-06-09 11:17:05.690395+00:00
Changed-By: Dominik Viererbe <dominik.viererbe at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/dotnet9/9.0.107-9.0.6-0ubuntu1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list