[ubuntu/questing-updates] dotnet10 10.0.100-10.0.0~rc2-0ubuntu1~25.10.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Oct 15 12:28:15 UTC 2025
dotnet10 (10.0.100-10.0.0~rc2-0ubuntu1~25.10.2) questing-security; urgency=medium
[ Dominik Viererbe ]
* New upstream release
* SECURITY UPDATE: denial of service
- CVE-2025-55247: A vulnerability exists in .NET Core where predictable
paths for MSBuild's temporary directories on Linux let another user
create the directories ahead of MSBuild, leading to DoS of builds.
* SECURITY UPDATE: validation bypass
- CVE-2025-55315: Inconsistent interpretation of http requests
('http request/response smuggling') in ASP.NET Core allows an authorized
attacker to bypass a security feature over a network.
Date: 2025-10-15 07:20:52.523964+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/dotnet10/10.0.100-10.0.0~rc2-0ubuntu1~25.10.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list