search

AOSC-Dev / aosc-os-abbs

ABBS/ACBS tree for AOSC OS package metadata, build configuration, scripts, and patches
https://packages.aosc.io
GNU General Public License v2.0
102 stars 80 forks source link

dotnet-{runtime,sdk}: security update #1376

Closed l2dy closed 6 years ago

l2dy commented 6 years ago

CVE IDs (if any)

CVE-2018-8356, CVE-2018-8171, CVE-2018-8409

Other security advisory IDs (if any)

RHSA-2018:2684-01

Patches (if any)

N/A

PoC(s) (if any)

N/A

Additional descriptions (if applicable)

https://github.com/dotnet/announcements/issues/83

Architectural progress

Please remove any architecture to which the security vulnerabilities do not apply.

l2dy commented 6 years ago

Adding https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.2.md, including CVE-2018-8356, CVE-2018-8171.

MingcongBai commented 6 years ago

Fixed with...

Closing.

l2dy commented 6 years ago

Use AOSA-2018-0404.