[Bug 2060261] Re: [SRU] New upstream microrelease .NET 8.0.4 and SDK 8.0.104

Launchpad Bug Tracker Wed, 15 May 2024 06:25:34 -0700

This bug was fixed in the package dotnet8 -
8.0.105-8.0.5-0ubuntu1~22.04.1

---------------
dotnet8 (8.0.105-8.0.5-0ubuntu1~22.04.1) jammy-security; urgency=medium


  * New upstream release
  * SECURITY UPDATE: stack buffer overflow
    - CVE-2024-30045: a stack based buffer overflow in the .NET Double Parse
      routine allows for remote code execution.
  * SECURITY UPDATE: resource dead-lock
    - CVE-2024-30046: a dead-lock in Http2OutputProducer.Stop() results in a
      denial of service.

 -- Ian Constantin <ian.constan...@canonical.com>  Thu, 09 May 2024
17:16:36 +0300

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2060261

Title:
  [SRU] New upstream microrelease .NET 8.0.4 and SDK 8.0.104

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dotnet8/+bug/2060261/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2060261] Re: [SRU] New upstream microrelease .NET 8.0.4 and SDK 8.0.104

Reply via email to