-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2300
          .NET Core 3.1 security, bug fix, and enhancement update
                                12 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           .NET Core 3.1
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-29145 CVE-2022-29117 CVE-2022-23267

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2022:2202

Comment: CVSS (Max):  7.5 CVE-2022-29145 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: .NET Core 3.1 security, bug fix, and enhancement update
Advisory ID:       RHSA-2022:2202-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:2202
Issue date:        2022-05-11
CVE Names:         CVE-2022-23267 CVE-2022-29117 CVE-2022-29145 
=====================================================================

1. Summary:

An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux
8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - x86_64
Red Hat Enterprise Linux AppStream (v. 8) - x86_64

3. Description:

.NET Core is a managed-software framework. It implements a subset of the
.NET
framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address a security vulnerability are now
available. The updated versions are .NET Core SDK 3.1.419 and .NET Core
Runtime 3.1.25.

Security Fix(es):

* dotnet: excess memory allocation via HttpClient causes DoS
(CVE-2022-23267)

* dotnet: malicious content causes high CPU and memory usage
(CVE-2022-29117)

* dotnet: parsing HTML causes Denial of Service (CVE-2022-29145)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2083647 - CVE-2022-29117 dotnet: malicious content causes high CPU and memory usage
2083649 - CVE-2022-29145 dotnet: parsing HTML causes Denial of Service
2083650 - CVE-2022-23267 dotnet: excess memory allocation via HttpClient causes DoS

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
dotnet3.1-3.1.419-1.el8_6.src.rpm

x86_64:
aspnetcore-runtime-3.1-3.1.25-1.el8_6.x86_64.rpm
aspnetcore-targeting-pack-3.1-3.1.25-1.el8_6.x86_64.rpm
dotnet-apphost-pack-3.1-3.1.25-1.el8_6.x86_64.rpm
dotnet-apphost-pack-3.1-debuginfo-3.1.25-1.el8_6.x86_64.rpm
dotnet-hostfxr-3.1-3.1.25-1.el8_6.x86_64.rpm
dotnet-hostfxr-3.1-debuginfo-3.1.25-1.el8_6.x86_64.rpm
dotnet-runtime-3.1-3.1.25-1.el8_6.x86_64.rpm
dotnet-runtime-3.1-debuginfo-3.1.25-1.el8_6.x86_64.rpm
dotnet-sdk-3.1-3.1.419-1.el8_6.x86_64.rpm
dotnet-sdk-3.1-debuginfo-3.1.419-1.el8_6.x86_64.rpm
dotnet-targeting-pack-3.1-3.1.25-1.el8_6.x86_64.rpm
dotnet-templates-3.1-3.1.419-1.el8_6.x86_64.rpm
dotnet3.1-debuginfo-3.1.419-1.el8_6.x86_64.rpm
dotnet3.1-debugsource-3.1.419-1.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

x86_64:
dotnet-apphost-pack-3.1-debuginfo-3.1.25-1.el8_6.x86_64.rpm
dotnet-hostfxr-3.1-debuginfo-3.1.25-1.el8_6.x86_64.rpm
dotnet-runtime-3.1-debuginfo-3.1.25-1.el8_6.x86_64.rpm
dotnet-sdk-3.1-debuginfo-3.1.419-1.el8_6.x86_64.rpm
dotnet-sdk-3.1-source-built-artifacts-3.1.419-1.el8_6.x86_64.rpm
dotnet3.1-debuginfo-3.1.419-1.el8_6.x86_64.rpm
dotnet3.1-debugsource-3.1.419-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-23267
https://access.redhat.com/security/cve/CVE-2022-29117
https://access.redhat.com/security/cve/CVE-2022-29145
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYnw2TNzjgjWX9erEAQiM9A/+JBPm6xW7iFYN+VkWRX4UhDBN9aW8nfqT
9JxtUdAgOVNAhxeZz+UYevvYaN7Ee93iEnuy1qkLnyq1BEpIwJhsB5WVFYCKMR/5
Ev1bL+L+UaJJho9yqk9WPsvC2NT56ix0qdVg7ijmfK200/ZDTD316F73nzCAlB42
fKs0k3iAG7ph8kSp2Z1lC42P3xmEyOCkYFPdHcz5ZgHyTw8gga0Y0bcc0IfOqodC
ceETRU47uvtPVJkbKYFc8rF2hmpYCLDOB07LJSxGCZML2/Cds9GRnV3EcrLv/Pi5
CKyL/lD5ScqsEV+/sdyL44aJcV4JRCBKQ/PzdJJHhMccKJBK+eTk7MMme3ugLsBj
+qCsI918V/TY1JA3f0IclQPpNlFvsAojOxhvn/4MFcf5X9dH5u+HedmYLzfW7H9x
tOMGkOg8+nZWjQT5fnT+pgOGMndBVsi4agBQy7bGnnVEMDfSj6FwI9yt65QI0BAn
jrZpU2WgDg9IhpI7lNlgcpgYn5Rw1vc820vNwMobHAUYM6GKw3RQgFfSINysz5/6
ca2otjnaOdfdp3dU3OYg1GvnLVlRvE3Y71191gtAZKU2vmr8lpeYx31iRp3u+lvE
xo8ROnOq7MKa6Rv+YxLX8hSPdTd5hje5qWcsYyLliNw7qweDtCixPI4S15thpjMS
UwquNOdkn08=
=OLmk
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYnxIj8kNZI30y1K9AQgcxg/9GmGXQOvReXo9Qa65HMVROf3qLI5TamFY
534Du3DkiBKHcSJIbZnHE0JKNxdEAbmaJhRJXyQEAX4RXbSvFO5zUShWKEvAfbdV
C+UxDd7GjXcU8HHS+GbbRVGdBgsR2GK/3WK9MyzKrS3G6dm0QWqqkh4T89EBkur4
pS8/KB64K4nsZazXOckqwsH3IuRI8qXGrqAM8GPya5jx8dyjewyB8fJMUyOwPdK5
nQ4P96v4nRsJbbyov3rNp8aKBCr/Y6ZbGRnbFmXv6m67S6Vy9lOrraQ/ecRI9T1N
KtGcF0xazrUmv+N5VaKHBcJnQ7SnYg3qMSQYrz55qKgmawnhuj3GZDql5DR+2VXM
n6YabukXPl/P8KuZTlYCaNv3eZMhG9cRF+EGURhLhOy3NR0GiWUJTqbIHx8KBgK9
UuieuFpJ2fJaBQxCRfKorZy7mS3xZ93jueL9Gq0Ae9qbme5QmNTYdZXEw52CQ+Kk
sORIuTuQM/XL1ASkvTy9MU4a2q2eg/OLlrCYysjDctPRWWlrz7tvYLEU4JP2ok8C
Wj2JmM0AAJ5To1KNdtsmgB0qWgK+gRkrM7OtQ1I7rton9N/kzW6IfOUeAPV91rh1
rWj9n9/khlcjeArztFT/8ntvl1HQ/w6T8v05T/iMFN5AjOg56Ll2YEFOP7gM0gfH
MMSHrMNPXOM=
=/J2v
-----END PGP SIGNATURE-----