Skip to main content

.NET Core May 2020 Updates – 2.1.18 and 3.1.4

Labels:

Today, we are releasing the .NET Core May 2020 Update. These updates contain security and reliability fixes. See the individual release notes for details on updated packages.

NOTE: If you are a Visual Studio user, there are MSBuild version requirements so use only the .NET Core SDK supported for each Visual Studio version. Information needed to make this choice will be seen on the download page. If you use other development environments, we recommend using the latest SDK release.

Getting the Update

The latest .NET Core updates are available on the .NET Core download page. This update will be included in a future update of Visual Studio.

See the .NET Core release notes ( 2.1.18 | 3.1.4 ) for details on the release, including issues fixed and affected packages.

Docker Images

.NET Docker images have been updated for today’s release. The following repos have been updated.

Note: You must pull updated .NET Core container images to get this update, with either docker pull or docker build --pull.

Lifecycle Updates

Ubuntu 20.04 has been added as a supported OS with this update of .NET Core.

.NET Core is now available natively in the Fedora 32 package archives. See the Fedora documentation for details.

Security

CVE-2020-1108: .NET Core Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

Microsoft is aware of a denial of service vulnerability which exists when .NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core web application. The vulnerability can be exploited remotely, without authentication.

A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Core application.

The update addresses the vulnerability by correcting how the .NET Core web application handles web requests.

CVE-2020-1161: ASP.NET Core Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

Microsoft is aware of a denial of service vulnerability which exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.

A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.

The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.

 

The post .NET Core May 2020 Updates – 2.1.18 and 3.1.4 appeared first on .NET Blog.



source https://devblogs.microsoft.com/dotnet/net-core-may-2020/

What's Hot

CVR Nummer : Register CVR Number for Denmark Generate and Test Online

CVR Nummer : Register CVR Number for Denmark Generate and Test Online | Image credit: Pexel What Is Danish CVR The Central Business Register (CVR) is the central register of the state with information on all Danish companies. Since 1999, the Central Business Register has been the authoritative register for current and historical basic data on all registered companies in Denmark. Data comes from the companies' own registrations on Virk Report. There is also information on associations and public authorities in the CVR. As of 2018, CVR also contains information on Greenlandic companies, associations and authorities. In CVR at Virk you can do single lookups, filtered searches, create extracts and subscriptions, and retrieve a wide range of company documents and transcripts. Generate Danish CVR For Test (Fake) Click the button below to generate the valid CVR number for Denmark. You can click multiple times to generate several numbers. These numbers can be used to Test your ...
View more »

Bing Homepage Quiz: Fun, Win Rewards, and Brain Teasers

Bing, Microsoft's search engine, has taken interactive engagement to the next level with its captivating feature - the Bing Homepage Quiz. This intriguing daily quiz not only challenges your knowledge but also offers a chance to earn rewards. In this comprehensive guide, we will explore the ins and outs of the Bing Homepage Quiz, including how to play, the different types of quizzes, and how you can earn and use rewards through this engaging feature. Bing homepage Quiz | Image credit: LanguageLassi How to Play the Bing Homepage Quiz Playing the Bing Homepage Quiz is simple and enjoyable. Here's how you can get started: Visit Bing : Open your preferred web browser and navigate to the Bing homepage (bing.com). Look for the Quiz : On the Bing homepage, keep an eye out for the interactive quiz card. This card is usually located near the bottom of the page and features a captivating image related to the quiz. Click to Start : Click on the quiz card to begin the quiz. It...
View more »

How To Iterate Dictionary Object

Dictionary is a object that can store values in Key-Value pair. its just like a list, the only difference is: List can be iterate using index(0-n) but not the Dictionary . Generally when we try to iterate the dictionary we get below error: " Collection was modified; enumeration operation may not execute. " So How to parse a dictionary and modify its values?? To iterate dictionary we must loop through it's keys or key - value pair. Using keys
View more »