-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1740
Moderate: .NET Core on Red Hat Enterprise Linux security and bug fix update
                                16 May 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Red Hat
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-0981 CVE-2019-0980 CVE-2019-0820

Reference:         ASB-2019.0139

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2019:1236

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: .NET Core on Red Hat Enterprise Linux security and bug fix update
Advisory ID:       RHSA-2019:1236-01
Product:           .NET Core on Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:1236
Issue date:        2019-05-15
CVE Names:         CVE-2019-0820 CVE-2019-0980 CVE-2019-0981 
=====================================================================

1. Summary:

Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore,
rh-dotnet21-dotnet, rh-dotnet22-dotnet and rh-dotnet22-curl are now
available for .NET Core on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
.NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64
.NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

.NET Core is a managed-software framework. It implements a subset of the
.NET framework APIs and several new APIs, and it includes a CLR
implementation.

New versions of .NET Core that address security vulnerabilities are now
available. The updated versions are .NET Core 1.0.16, 1.1.13, 2.1.11, and
2.2.5.

Security Fix(es):

* dotNET: timeouts for regular expressions are not enforced (CVE-2019-0820)

* dotNET: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of
Service (CVE-2019-0980)

* dotNET: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of
Service (CVE-2019-0981)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Re-enable bash completion in rh-dotnet22-dotnet (BZ#1654863)

* Error rebuilding rh-dotnet22-curl in CentOS (BZ#1678932)

* Broken apphost caused by unset DOTNET_ROOT (BZ#1703479)

* Make bash completion compatible with rh-dotnet22 packages (BZ#1705259)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1654863 - Re-enable bash completion in rh-dotnet22-dotnet
1678932 - Error rebuilding rh-dotnet22-curl in CentOS
1703479 - Broken apphost caused by unset DOTNET_ROOT
1703508 - Update to .NET Core 1.1.13
1704454 - Update to .NET Core 1.0.16
1704934 - Update to .NET Core Runtime 2.2.5 and SDK 2.2.107
1705147 - Update to .NET Core Runtime 2.1.11 and SDK 2.1.507
1705259 - Make bash completion compatible with rh-dotnet22 packages
1705502 - CVE-2019-0980 dotNET: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of Service
1705504 - CVE-2019-0981 dotNET: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service
1705506 - CVE-2019-0820 dotNET: timeouts for regular expressions are not enforced

6. Package List:

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
rh-dotnetcore10-dotnetcore-1.0.16-1.el7.src.rpm

x86_64:
rh-dotnetcore10-dotnetcore-1.0.16-1.el7.x86_64.rpm
rh-dotnetcore10-dotnetcore-debuginfo-1.0.16-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
rh-dotnetcore11-dotnetcore-1.1.13-1.el7.src.rpm

x86_64:
rh-dotnetcore11-dotnetcore-1.1.13-1.el7.x86_64.rpm
rh-dotnetcore11-dotnetcore-debuginfo-1.1.13-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
rh-dotnet21-2.1-10.el7.src.rpm
rh-dotnet21-dotnet-2.1.507-2.el7.src.rpm

x86_64:
rh-dotnet21-2.1-10.el7.x86_64.rpm
rh-dotnet21-dotnet-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-debuginfo-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-host-2.1.11-2.el7.x86_64.rpm
rh-dotnet21-dotnet-runtime-2.1-2.1.11-2.el7.x86_64.rpm
rh-dotnet21-dotnet-sdk-2.1-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-runtime-2.1-10.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
rh-dotnet22-2.2-7.el7.src.rpm
rh-dotnet22-curl-7.61.1-2.el7.src.rpm
rh-dotnet22-dotnet-2.2.107-2.el7.src.rpm

x86_64:
rh-dotnet22-2.2-7.el7.x86_64.rpm
rh-dotnet22-curl-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-curl-debuginfo-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-dotnet-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-debuginfo-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-host-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-host-fxr-2.2-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-runtime-2.2-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-sdk-2.2-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-libcurl-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-libcurl-devel-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-runtime-2.2-7.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source:
rh-dotnetcore10-dotnetcore-1.0.16-1.el7.src.rpm

x86_64:
rh-dotnetcore10-dotnetcore-1.0.16-1.el7.x86_64.rpm
rh-dotnetcore10-dotnetcore-debuginfo-1.0.16-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source:
rh-dotnetcore11-dotnetcore-1.1.13-1.el7.src.rpm

x86_64:
rh-dotnetcore11-dotnetcore-1.1.13-1.el7.x86_64.rpm
rh-dotnetcore11-dotnetcore-debuginfo-1.1.13-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source:
rh-dotnet21-2.1-10.el7.src.rpm
rh-dotnet21-dotnet-2.1.507-2.el7.src.rpm

x86_64:
rh-dotnet21-2.1-10.el7.x86_64.rpm
rh-dotnet21-dotnet-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-debuginfo-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-host-2.1.11-2.el7.x86_64.rpm
rh-dotnet21-dotnet-runtime-2.1-2.1.11-2.el7.x86_64.rpm
rh-dotnet21-dotnet-sdk-2.1-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-runtime-2.1-10.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source:
rh-dotnet22-2.2-7.el7.src.rpm
rh-dotnet22-curl-7.61.1-2.el7.src.rpm
rh-dotnet22-dotnet-2.2.107-2.el7.src.rpm

x86_64:
rh-dotnet22-2.2-7.el7.x86_64.rpm
rh-dotnet22-curl-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-curl-debuginfo-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-dotnet-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-debuginfo-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-host-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-host-fxr-2.2-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-runtime-2.2-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-sdk-2.2-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-libcurl-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-libcurl-devel-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-runtime-2.2-7.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-dotnetcore10-dotnetcore-1.0.16-1.el7.src.rpm

x86_64:
rh-dotnetcore10-dotnetcore-1.0.16-1.el7.x86_64.rpm
rh-dotnetcore10-dotnetcore-debuginfo-1.0.16-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-dotnetcore11-dotnetcore-1.1.13-1.el7.src.rpm

x86_64:
rh-dotnetcore11-dotnetcore-1.1.13-1.el7.x86_64.rpm
rh-dotnetcore11-dotnetcore-debuginfo-1.1.13-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-dotnet21-2.1-10.el7.src.rpm
rh-dotnet21-dotnet-2.1.507-2.el7.src.rpm

x86_64:
rh-dotnet21-2.1-10.el7.x86_64.rpm
rh-dotnet21-dotnet-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-debuginfo-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-host-2.1.11-2.el7.x86_64.rpm
rh-dotnet21-dotnet-runtime-2.1-2.1.11-2.el7.x86_64.rpm
rh-dotnet21-dotnet-sdk-2.1-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.507-2.el7.x86_64.rpm
rh-dotnet21-runtime-2.1-10.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-dotnet22-2.2-7.el7.src.rpm
rh-dotnet22-curl-7.61.1-2.el7.src.rpm
rh-dotnet22-dotnet-2.2.107-2.el7.src.rpm

x86_64:
rh-dotnet22-2.2-7.el7.x86_64.rpm
rh-dotnet22-curl-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-curl-debuginfo-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-dotnet-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-debuginfo-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-host-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-host-fxr-2.2-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-runtime-2.2-2.2.5-2.el7.x86_64.rpm
rh-dotnet22-dotnet-sdk-2.2-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.107-2.el7.x86_64.rpm
rh-dotnet22-libcurl-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-libcurl-devel-7.61.1-2.el7.x86_64.rpm
rh-dotnet22-runtime-2.2-7.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
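The package list above gives the fixed version-release for every affected RPM. The following Python script is an added example (not part of the Red Hat advisory or the AusCERT bulletin) that compares the versions reported by `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'` against a subset of those fixed versions using RPM's segment-wise ordering, so that `2.2.107` is correctly ranked newer than `2.2.5` (a plain string comparison would get this wrong). It assumes the packages carry no epoch, implements a simplified `rpmvercmp` without `~`/`^` handling, and the `rpm -qa` output embedded in it is constructed sample data.

```python
"""Flag installed rh-dotnet* RPMs that are older than the versions fixed in RHSA-2019:1236.

Added example, not Red Hat's tooling. Assumes no epoch on these packages.
"""
import re

# Fixed (version, release) pairs copied from the advisory's x86_64 package list (subset).
FIXED = {
    "rh-dotnetcore10-dotnetcore": ("1.0.16", "1.el7"),
    "rh-dotnetcore11-dotnetcore": ("1.1.13", "1.el7"),
    "rh-dotnet21-dotnet": ("2.1.507", "2.el7"),
    "rh-dotnet21-dotnet-runtime-2.1": ("2.1.11", "2.el7"),
    "rh-dotnet22-dotnet": ("2.2.107", "2.el7"),
    "rh-dotnet22-dotnet-runtime-2.2": ("2.2.5", "2.el7"),
    "rh-dotnet22-curl": ("7.61.1", "2.el7"),
}

# Constructed sample of: rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'
# Querying NAME/VERSION/RELEASE as separate fields avoids having to split an NVRA
# string whose package name itself contains dashes and digits (e.g. ...-runtime-2.2).
SAMPLE_RPM_QA = """\
rh-dotnet22-dotnet 2.2.105 1.el7
rh-dotnet22-dotnet-runtime-2.2 2.2.5 2.el7
rh-dotnet21-dotnet 2.1.507 2.el7
rh-dotnetcore11-dotnetcore 1.1.12 1.el7
rh-dotnet22-curl 7.61.1 2.el7
bash 4.2.46 34.el7
"""


def _segments(s):
    """Split a version string into alternating numeric and alphabetic runs, as rpm does."""
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Simplified rpmvercmp: returns -1 if a < b, 0 if equal, 1 if a > b.

    Numeric segments compare as integers, alphabetic ones lexically, a numeric
    segment outranks an alphabetic one, and leftover segments win. '~' and '^'
    are not handled (assumption for this example).
    """
    if a == b:
        return 0
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            xi, yi = int(x), int(y)
            if xi != yi:
                return -1 if xi < yi else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    return -1 if len(sa) < len(sb) else 1


def compare_vr(installed, fixed):
    """Compare (version, release) tuples: version first, release only on a tie."""
    c = rpmvercmp(installed[0], fixed[0])
    return c if c != 0 else rpmvercmp(installed[1], fixed[1])


def parse_rpm_qa(text):
    """Parse 'NAME VERSION RELEASE' lines into {name: (version, release)}."""
    pkgs = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            pkgs[parts[0]] = (parts[1], parts[2])
    return pkgs


def find_vulnerable(rpm_qa_text, fixed=FIXED):
    """Return {name: (installed_vr, fixed_vr)} for installed packages older than the fix."""
    installed = parse_rpm_qa(rpm_qa_text)
    vulnerable = {}
    for name, fixed_vr in fixed.items():
        if name in installed and compare_vr(installed[name], fixed_vr) < 0:
            vulnerable[name] = (installed[name], fixed_vr)
    return vulnerable


if __name__ == "__main__":
    for name, (inst, fix) in sorted(find_vulnerable(SAMPLE_RPM_QA).items()):
        print(f"{name}: installed {inst[0]}-{inst[1]}, fixed in {fix[0]}-{fix[1]}")
```

On a real host, replace `SAMPLE_RPM_QA` with the captured output of the `rpm -qa` query; packages that are absent from the host are simply not reported, and packages equal to or newer than the fixed version-release are treated as patched.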

7. References:

https://access.redhat.com/security/cve/CVE-2019-0820
https://access.redhat.com/security/cve/CVE-2019-0980
https://access.redhat.com/security/cve/CVE-2019-0981
https://access.redhat.com/security/updates/classification/#moderate
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0820
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0980
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0981

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----