- Vulnerability/
- RHSA-2022:6038
RHSA-2022:6038: Moderate: .NET 6.0 security, bug fix, and enhancement update
First published: Wed Aug 10 2022(Updated: )
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.<br>The following packages have been upgraded to a later upstream version: rh-dotnet60-dotnet (6.0.108). (BZ#2112407)<br>Security Fix(es):<br><li> dotnet: External Entity Injection during XML signature verification (CVE-2022-34716)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/rh-dotnet60-dotnet | <6.0.108-1.el7_9 | 6.0.108-1.el7_9 |
| redhat/rh-dotnet60-aspnetcore-runtime | <6.0-6.0.8-1.el7_9 | 6.0-6.0.8-1.el7_9 |
| redhat/rh-dotnet60-aspnetcore-targeting-pack | <6.0-6.0.8-1.el7_9 | 6.0-6.0.8-1.el7_9 |
| redhat/rh-dotnet60-dotnet | <6.0.108-1.el7_9 | 6.0.108-1.el7_9 |
| redhat/rh-dotnet60-dotnet-apphost-pack | <6.0-6.0.8-1.el7_9 | 6.0-6.0.8-1.el7_9 |
| redhat/rh-dotnet60-dotnet-debuginfo | <6.0.108-1.el7_9 | 6.0.108-1.el7_9 |
| redhat/rh-dotnet60-dotnet-host | <6.0.8-1.el7_9 | 6.0.8-1.el7_9 |
| redhat/rh-dotnet60-dotnet-hostfxr | <6.0-6.0.8-1.el7_9 | 6.0-6.0.8-1.el7_9 |
| redhat/rh-dotnet60-dotnet-runtime | <6.0-6.0.8-1.el7_9 | 6.0-6.0.8-1.el7_9 |
| redhat/rh-dotnet60-dotnet-sdk | <6.0-6.0.108-1.el7_9 | 6.0-6.0.108-1.el7_9 |
| redhat/rh-dotnet60-dotnet-sdk | <6.0-source-built-artifacts-6.0.108-1.el7_9 | 6.0-source-built-artifacts-6.0.108-1.el7_9 |
| redhat/rh-dotnet60-dotnet-targeting-pack | <6.0-6.0.8-1.el7_9 | 6.0-6.0.8-1.el7_9 |
| redhat/rh-dotnet60-dotnet-templates | <6.0-6.0.108-1.el7_9 | 6.0-6.0.108-1.el7_9 |
| redhat/rh-dotnet60-netstandard-targeting-pack | <2.1-6.0.108-1.el7_9 | 2.1-6.0.108-1.el7_9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of RHSA-2022:6038?
The severity of RHSA-2022:6038 is classified as moderate.
How do I fix RHSA-2022:6038?
To fix RHSA-2022:6038, upgrade the affected packages to rh-dotnet60-dotnet version 6.0.108-1.el7_9 or later.
What packages are affected by RHSA-2022:6038?
The affected packages include rh-dotnet60-dotnet, rh-dotnet60-aspnetcore-runtime, and several others in the rh-dotnet60 collection.
What type of vulnerability is addressed in RHSA-2022:6038?
RHSA-2022:6038 addresses security vulnerabilities in the .NET framework components.
What is the recommended action for systems using RHSA-2022:6038?
It is recommended to apply the updates as soon as possible to mitigate any potential security risks.
- agent/severity
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/remedy
- agent/references
- agent/title
- agent/description
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2022:6038
- agent/software-canonical-lookup
- agent/event
- agent/trending
- agent/tags
- agent/source
- package-manager/redhat