-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.0186
     .NET Core on Red Hat Enterprise Linux security and bug fix update
                              17 January 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           .NET Core
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 8
                   Red Hat Enterprise Linux WS/Desktop 8
                   Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-0603 CVE-2020-0602 

Reference:         ASB-2020.0007

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:0130
   https://access.redhat.com/errata/RHSA-2020:0134

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: .NET Core on Red Hat Enterprise Linux security and bug fix update
Advisory ID:       RHSA-2020:0130-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0130
Issue date:        2020-01-16
CVE Names:         CVE-2020-0602 CVE-2020-0603 
=====================================================================

1. Summary:

An update for dotnet3.0 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - x86_64

3. Description:

.NET Core is a managed-software framework. It implements a subset of the
.NET framework APIs and several new APIs, and it includes a CLR
implementation.

New versions of .NET Core that address security vulnerabilities are now
available. The updated versions are .NET Core SDK 3.0.102 and .NET Core
Runtime 3.0.2.

Security Fixes:

* dotnet: Memory Corruption in SignalR (CVE-2020-0603)

* dotnet: SignalR Denial of Service via backpressure issue (CVE-2020-0602)

Default inclusions for applications built with .NET Core have been updated
to reference the newest versions and their security fixes.

For more details about the security issues, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
pages listed in the References section.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1788171 - Update .NET Core 3.0 to Runtime 3.0.2 and SDK 3.0.102 [rhel-8.1.0.z]
1789623 - CVE-2020-0602 dotnet: Denial of service via backpressure issue
1789624 - CVE-2020-0603 dotnet: Memory Corruption in SignalR

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
dotnet3.0-3.0.102-2.el8_1.src.rpm

x86_64:
aspnetcore-runtime-3.0-3.0.2-2.el8_1.x86_64.rpm
aspnetcore-targeting-pack-3.0-3.0.2-2.el8_1.x86_64.rpm
dotnet-3.0.102-2.el8_1.x86_64.rpm
dotnet-apphost-pack-3.0-3.0.2-2.el8_1.x86_64.rpm
dotnet-apphost-pack-3.0-debuginfo-3.0.2-2.el8_1.x86_64.rpm
dotnet-host-3.0.2-2.el8_1.x86_64.rpm
dotnet-host-debuginfo-3.0.2-2.el8_1.x86_64.rpm
dotnet-hostfxr-3.0-3.0.2-2.el8_1.x86_64.rpm
dotnet-hostfxr-3.0-debuginfo-3.0.2-2.el8_1.x86_64.rpm
dotnet-runtime-3.0-3.0.2-2.el8_1.x86_64.rpm
dotnet-runtime-3.0-debuginfo-3.0.2-2.el8_1.x86_64.rpm
dotnet-sdk-3.0-3.0.102-2.el8_1.x86_64.rpm
dotnet-sdk-3.0-debuginfo-3.0.102-2.el8_1.x86_64.rpm
dotnet-targeting-pack-3.0-3.0.2-2.el8_1.x86_64.rpm
dotnet-templates-3.0-3.0.102-2.el8_1.x86_64.rpm
dotnet3.0-debuginfo-3.0.102-2.el8_1.x86_64.rpm
dotnet3.0-debugsource-3.0.102-2.el8_1.x86_64.rpm
netstandard-targeting-pack-2.1-3.0.102-2.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-0602
https://access.redhat.com/security/cve/CVE-2020-0603
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXiB6PdzjgjWX9erEAQhljBAAi8975yCwOL2SBd6PhVO8ovtBBWnaD63l
muSi5NgZimQDxC3P/D81Otkzc7icK9IYyqTwp6MVbLGxocgNm7RqP9ibf7F/Lqil
d+knFgCsUFr0GdHh2dxsDyJCfR+nhAv/GThiP6tg4wtRMAiNr3we0/abA1NlFdxK
X2M2oHY4yH0V+VsxPSgH5WkdhCYOKYeVYtNbdotR3MJYfGiALpg55844rQEKjhHA
4HAZq1twopQPfYQiQRqKut1CBZGQ+yEHioLo9zdU8MSxv2tNlLMs+DivNS7z+Z4k
4Vk32pvQtesO1nrpQ536/m75UdyvD09Rf5jIEwjyjpROjoKZZx7LDf8PFVS3p/lg
OJgQ/hLhVPR8qjwsApIKbePVaFNzBi0mHI09ek+7KFuhsRqquJ2SH1XGVEfSJjp/
L2liVatJ9BVDUL4CYQKfiUGw6GA7iuvI0OxEaq1gB+9uEysaLyCGolt40O6fYLZA
CHwU/X1QOPzc3RwRqUdYqpolVx7WIxYimGdqdSnG4WreJXcd0L4l/JVQSwv+smdU
lKINsq9p4eFsbP2K5sVvV0PgIadcUgLfGp1m6VvwQMx+97nbgNk3W5kTpoAkfs0h
taRBVNd+UF2QHA7euJ2WhS2f5QndAudwPm8Y0TBgculOb0hcmJkhUH9cHZYdA3cR
ViZI7CUYqhI=
=6rYm
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: .NET Core on Red Hat Enterprise Linux security and bug fix update
Advisory ID:       RHSA-2020:0134-01
Product:           .NET Core on Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0134
Issue date:        2020-01-16
CVE Names:         CVE-2020-0602 CVE-2020-0603 
=====================================================================

1. Summary:

An update for rh-dotnet30-dotnet and rh-dotnet31-dotnet is now available
for .NET Core on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
.NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64
.NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

.NET Core is a managed-software framework. It implements a subset of the
.NET framework APIs and several new APIs, and it includes a CLR
implementation.

New versions of .NET Core that address security vulnerabilities are now
available. The updated versions are .NET Core SDK 3.0.102, .NET Core
Runtime 3.0.2, .NET Core SDK 3.1.101 and .NET Core Runtime 3.1.1.

Security Fixes:

* dotnet: Memory Corruption in SignalR (CVE-2020-0603)

* dotnet: SignalR Denial of Service via backpressure issue (CVE-2020-0602)

Users must rebuild their applications to pick up the fixes.

Default inclusions for applications built with .NET Core have been updated
to reference the newest versions and their security fixes.

For more details about the security issues, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
pages listed in the References section.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1787151 - Update .NET Core 3.0 to Runtime 3.0.2 and SDK 3.0.102
1787174 - Update .NET Core 3.1 to Runtime 3.1.1 and SDK 3.1.101
1789623 - CVE-2020-0602 dotnet: Denial of service via backpressure issue
1789624 - CVE-2020-0603 dotnet: Memory Corruption in SignalR

6. Package List:

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
rh-dotnet30-dotnet-3.0.102-3.el7.src.rpm

x86_64:
rh-dotnet30-aspnetcore-runtime-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-aspnetcore-targeting-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-apphost-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-debuginfo-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-host-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-hostfxr-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-runtime-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-sdk-3.0-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-targeting-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-templates-3.0-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-netstandard-targeting-pack-2.1-3.0.102-3.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
rh-dotnet31-dotnet-3.1.101-4.el7.src.rpm

x86_64:
rh-dotnet31-aspnetcore-runtime-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-apphost-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-debuginfo-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-host-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-hostfxr-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-runtime-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-targeting-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-templates-3.1-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-netstandard-targeting-pack-2.1-3.1.101-4.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source:
rh-dotnet30-dotnet-3.0.102-3.el7.src.rpm

x86_64:
rh-dotnet30-aspnetcore-runtime-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-aspnetcore-targeting-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-apphost-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-debuginfo-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-host-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-hostfxr-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-runtime-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-sdk-3.0-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-targeting-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-templates-3.0-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-netstandard-targeting-pack-2.1-3.0.102-3.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source:
rh-dotnet31-dotnet-3.1.101-4.el7.src.rpm

x86_64:
rh-dotnet31-aspnetcore-runtime-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-apphost-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-debuginfo-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-host-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-hostfxr-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-runtime-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-targeting-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-templates-3.1-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-netstandard-targeting-pack-2.1-3.1.101-4.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-dotnet30-dotnet-3.0.102-3.el7.src.rpm

x86_64:
rh-dotnet30-aspnetcore-runtime-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-aspnetcore-targeting-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-apphost-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-debuginfo-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-host-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-hostfxr-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-runtime-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-sdk-3.0-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-dotnet-targeting-pack-3.0-3.0.2-3.el7.x86_64.rpm
rh-dotnet30-dotnet-templates-3.0-3.0.102-3.el7.x86_64.rpm
rh-dotnet30-netstandard-targeting-pack-2.1-3.0.102-3.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-dotnet31-dotnet-3.1.101-4.el7.src.rpm

x86_64:
rh-dotnet31-aspnetcore-runtime-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-apphost-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-debuginfo-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-host-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-hostfxr-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-runtime-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-dotnet-targeting-pack-3.1-3.1.1-4.el7.x86_64.rpm
rh-dotnet31-dotnet-templates-3.1-3.1.101-4.el7.x86_64.rpm
rh-dotnet31-netstandard-targeting-pack-2.1-3.1.101-4.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-0602
https://access.redhat.com/security/cve/CVE-2020-0603
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXiCQQ9zjgjWX9erEAQiA5g//U9AGfQhzgzrIja7zNdstcP61hqUbWM+j
F2E4FpcJCJgjV3uDli4HsH6sIuzuKV5pVLhvNdbrAMSDJgOaWNJ+Otvmve0yPvY6
KjhAPMQnBjsJE5eUia6ZEIzhvjcHVwVbHQJrqIwLjvBrwHeo6fVWd/IHentdmM+3
FIh6uqClbh434gyq4Oi2MpTJ6G6z0+/siaA/tq4qubWJCtEWLfEXXhWsUL4ye59B
edz+0qB0MYi2ZpgJtk0A8RRxtwcVN6KD+SnV2g25XjqwDNBhAfO3AlB1x0Mzo7HQ
2tcWLTpJPtYm8sZFZLOKAGm1hvTJhFnu4Vc5oL7b6paJYsU2Ud9URbakwiiiwzV+
XXLdMmvL63JVeP+cFWkqgI/UR8sdbaXrKFjJcnxNiUklPrrUIx3rq/E1yzCgqwMI
M3RakcXDqCsaojoOAy/AMkPH1J2r8vyz08JTLC6Ik54m4Dz7/wGILwuVKXLuR1bM
L6oLLZNrc5oxK4VM7Zb0IHaAeK/cOvxQWhglOPkDV4Got721TputjBeIEj8xiHc1
2s5zmndzaUfXm+PoqnFsfGggRErFLXaqwSpRWT2vn2MOXbrEbpPjmJs55tLXABhw
8DI+gmgFRHhE6A4yqvJMzaJGZCsCtUWWXowQEhiCNaymG9Kgx4BkRLNj2Mc15mOK
EuYGFNW4Ux4=
=ADZz
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXiErBGaOgq3Tt24GAQjeoRAA1DcB6QrjICvEuMKuAriVEFGxtx3zCHoZ
QXKoE9jg9gOCBmVzoHTSVwTpkPZg0/iUZKy9zXSzB3lz4aYfB4M1E3iRIztExhIr
dF5ZU04mktrggfTY3TxMaKXbvsEvQwsbH7aPZCytgBo1c9nbr8NOr+2QhQK6sIXj
yZ+vjQG5dyvl83C18MgkPdGSsbUNIL+sR7Fkuv5w+iLXoH5jVfawFMxkRpJKXE7I
mp4fG6NJvxytbYrqk68p9ffr9LXQ7n0mXbTkyGyAW9EFC6ZjODux/jeRIJdRQzsu
ug7FkogqTtC/uAUR5dSOtsoeFs7BuXG2Obf9OvWz8C3PxdlpXSk7YnC5CKs5w29R
DWNeeOSErdKancWA5HLgfai5VqEj+Q88NzOE/80JLvEYmfcQpxL7xS7wUzrtKkVB
c7aG0lZq83+URHYUMYQYgiv7VqivPv5SXcBKxvdBlKmMcVjt4snu7+vFVmtXDD/2
ZdzRir+FPwoLcMcZdVqaVaozCHNjc1QSYqxU4+Ket550A+ZRxlJSXNf/RhtVubol
nRCfvgCCs8nQJj43ONjkwxWgHOSYKa71riE5uX7GLO3zaimR8ee7qTL2y65JOIgJ
dQWgd6RpEH1P0T8VYmOSzKe2T1ZDtqXKWa3Fv74NWfzAzS7QR69BSH84vwCWWcCh
1qKCJPIQwBg=
=93ku
-----END PGP SIGNATURE-----