This bug was fixed in the package dotnet8 -
8.0.114-8.0.14-0ubuntu1~22.04.1
---------------
dotnet8 (8.0.114-8.0.14-0ubuntu1~22.04.1) jammy; urgency=medium
* New upstream release (LP: #2101028)
* SECURITY UPDATE: elevation of privilege
- CVE-2025-24070: EoP - Potential Security Risk in
SignInManager.RefreshSignInAsync Method
* debian/control:
- moved Suggests dotnet-runtime-dbg-8.0 from dotnet8 to dotnet-runtime-8.0
- moved Suggests aspnetcore-runtime-dbg-8.0 from dotnet8 to
aspnetcore-runtime-8.0
- moved Suggests dotnet-sdk-dbg-8.0 from dotnet8 to dotnet-sdk-8.0
-- Dominik Viererbe <[email protected]> Thu, 06 Mar 2025
11:24:30 +0200
** Changed in: dotnet8 (Ubuntu Jammy)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-24070
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2101028
Title:
New upstream microrelease 8.0.114 / 8.0.14
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dotnet8/+bug/2101028/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
