This bug was fixed in the package dotnet6 - 6.0.132-0ubuntu1~23.10.1
---------------
dotnet6 (6.0.132-0ubuntu1~23.10.1) mantic-security; urgency=medium
* New upstream release.
* SECURITY UPDATE: denial of service
- CVE-2024-38095: Denial of service in parsing X.509 Content and
ObjectIdentifiers.
* debian/eng/build-dotnet-tarball.sh: SECURITY_PARTNERS_REPOSITORY
connection method updated.
-- Nishit Majithia <nishit.majit...@canonical.com> Wed, 03 Jul 2024
09:25:05 +0530
** Changed in: dotnet6 (Ubuntu Mantic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38095
** Changed in: dotnet6 (Ubuntu Jammy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2065300
Title:
[SRU] New upstream microrelease .NET 6.0.30 and SDK 6.0.130
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dotnet6/+bug/2065300/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
