[ubuntu/questing-updates] dotnet9 9.0.115-9.0.14-0ubuntu1~25.10.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Mar 11 00:10:14 UTC 2026
dotnet9 (9.0.115-9.0.14-0ubuntu1~25.10.1) questing-security; urgency=medium
[ Mateus Rodrigues de Morais ]
* New upstream release
* SECURITY UPDATE: denial of service
- CVE-2026-26130: Possible denial-of-service via SignalR stateful
reconnect buffer overfill.
* SECURITY UPDATE: denial of service
- CVE-2026-26127: System.Buffers.Text.Base64Url.DecodeFromChars
out-of-bounds read from malformed Base64Url input. A bug in the
implementation causes out-of-bound reads of the DecodingMap, potentially
leading to Access Violation Exceptions (AVEs) when unsafe code is used.
Date: 2026-03-08 19:56:10.265604+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/dotnet9/9.0.115-9.0.14-0ubuntu1~25.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list