[ubuntu/questing-security] dotnet9 9.0.114-9.0.13-0ubuntu1~25.10.1 (Accepted)
Ian Constantin
ian.constantin at canonical.com
Tue Feb 10 21:13:58 UTC 2026
dotnet9 (9.0.114-9.0.13-0ubuntu1~25.10.1) questing; urgency=medium
* New upstream release
* SECURITY UPDATE: security feature bypass
- CVE-2026-21218: An attacker could exploit this vulnerability in
System.Security.Cryptography.Cose by crafting a malicious payload that
bypasses the security checks in the affected .NET versions, potentially
leading to unauthorized access or data manipulation.
* d/p/0002-roslyn-analyzers-dont-use-apphost.patch: refreshed patch to fix
hunk failure.
dotnet9 (9.0.113-9.0.12-0ubuntu1~25.10.1) questing; urgency=medium
* New upstream release (LP: #2138931)
* d/t/regular-tests: synced with upstream.
- Removed release-version-sane test following upstream.
- Removed unnecessary files from source tree.
- cgroup-limit/test.sh: fix autopkgtest regression in Ubuntu releases with
rust-coreutils by comparing the cgroup filesystem ID instead of friendly
name.
* d/t/run-regular-tests: fixed test username typo.
* d/rules: cleaned up trailing spaces.
* d/eng/test-runner: removed unnecessary files from source tree.
dotnet9 (9.0.112-9.0.11-0ubuntu1~25.10.1) questing; urgency=medium
* New upstream release (LP: #2130894)
* d/{sdk-check-config.json,rules}: `dotnet sdk check` tool points to
Canonical's release database.
* d/t/regular-tests: synced with upstream to fix failing tests and add new
ones for .NET 10.
Date: 2026-02-09 15:11:11.156669+00:00
Changed-By: Mateus Rodrigues de Morais <mateus.morais at canonical.com>
Signed-By: Ian Constantin <ian.constantin at canonical.com>
https://launchpad.net/ubuntu/+source/dotnet9/9.0.114-9.0.13-0ubuntu1~25.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list