[ubuntu/questing-security] dotnet8 8.0.124-8.0.24-0ubuntu1~25.10.1 (Accepted)
Ian Constantin
ian.constantin at canonical.com
Tue Feb 10 21:13:56 UTC 2026
dotnet8 (8.0.124-8.0.24-0ubuntu1~25.10.1) questing; urgency=medium
* New upstream release
* SECURITY UPDATE: security feature bypass
- CVE-2026-21218: An attacker could exploit this vulnerability in
System.Security.Cryptography.Cose by crafting a malicious payload that
bypasses the security checks in the affected .NET versions, potentially
leading to unauthorized access or data manipulation.
* d/p/0002-roslyn-analyzers-dont-use-apphost.patch: refreshed patch to fix
hunk failure.
dotnet8 (8.0.123-8.0.23-0ubuntu1~25.10.1) questing; urgency=medium
* New upstream release (LP: #2138326)
* d/t/regular-tests: synced with upstream.
- Removed release-version-sane test following upstream.
- Removed unnecessary files from source tree.
- cgroup-limit/test.sh: fix autopkgtest regression in Ubuntu releases with
rust-coreutils by comparing the cgroup filesystem ID instead of friendly
name.
* d/t/run-regular-tests: fixed test username typo.
* d/rules: cleaned up trailing spaces.
* d/eng/test-runner: removed unnecessary files from source tree.
dotnet8 (8.0.122-8.0.22-0ubuntu1~25.10.1) questing; urgency=medium
* New upstream release (LP: #2130895)
* d/{sdk-check-config.json,rules}: `dotnet sdk check` tool points to
Canonical's release database.
* d/eng/test-runner/*/obj: removed unwanted build artifact directory from
source package.
* d/t/regular-tests: synced with upstream to fix failing tests and add new
ones for .NET 10.
Date: 2026-02-09 15:16:10.821877+00:00
Changed-By: Mateus Rodrigues de Morais <mateus.morais at canonical.com>
Signed-By: Ian Constantin <ian.constantin at canonical.com>
https://launchpad.net/ubuntu/+source/dotnet8/8.0.124-8.0.24-0ubuntu1~25.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list