USN-6362-2

Details

USN-6362-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem.

Original advisory details:

Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service.

Affected Packages

dotnet6

Ubuntu 22.04 LTS

Fixed in:

6.0.124-0ubuntu1~22.04.1

dotnet7

Ubuntu 22.04 LTS

Fixed in:

7.0.113-0ubuntu1~22.04.1

References

REPORT

https://launchpad.net/bugs/2040207

REPORT

https://launchpad.net/bugs/2040208

REPORT

https://ubuntu.com/security/CVE-2023-36799

ADVISORY

https://ubuntu.com/security/notices/USN-6362-2