Ausführen von Code mit höheren Privilegien in dotnet5.0
ID: | FEDORA-2021-721731dc86 |
Distribution: | Fedora |
Plattformen: | Fedora 34 |
Datum: | Di, 18. Mai 2021, 07:16 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31204 |
Applikationen: | dotnet5.0 |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-721731dc86 2021-05-18 01:00:32.610711 -------------------------------------------------------------------------------- Name : dotnet5.0 Product : Fedora 34 Version : 5.0.203 Release : 1.fc34 URL : https://github.com/dotnet/ Summary : .NET Runtime and SDK Description : .NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. -------------------------------------------------------------------------------- Update Information: This is the May 2021 release for .NET 5. Release Notes are here: https://github.com/dotnet/core/blob/main/release-notes/5.0/5.0.6/5.0.6.md. This includes a fix for CVE-2021-31204: NET Core Elevation of Privilege Vulnerability Please note this additional change needed to benefit from the CVE fix: > Additionally, if you've deployed self-contained applications targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed. -------------------------------------------------------------------------------- ChangeLog: * Wed May 12 2021 Omair Majid |