maxmustermann/dotnet-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #4682 from dotnet/rbhanda-patch-1

Browse source 
Update Release notes with Github Announcement for May release
This commit is contained in:
Rahul Bhandari 2020-05-14 13:55:44 -07:00 committed by GitHub
parent 0e083d8449 ccdf998ae7
commit 4e184a78a2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
release-notes/2.1/2.1.18/2.1.18.md
View file

@ -74,6 +74,8 @@ Microsoft is aware of a denial of service vulnerability which exists when .NET C
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Core application.
For further information visit [Github Announcement](https://github.com/dotnet/announcements/issues/156)
### Additional fixes in this release
* [CoreFX](https://github.com/dotnet/corefx/issues?utf8=%E2%9C%93&q=milestone%3A2.1.18+label%3Aservicing-approved)

5
release-notes/3.1/3.1.4/3.1.4.md
View file

@ -72,6 +72,8 @@ Microsoft is aware of a denial of service vulnerability which exists when .NET C
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Core application.
For more information, see the [Github announcement](https://github.com/dotnet/announcements/issues/156).
### [CVE-2020-1161: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1161)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -82,6 +84,8 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.
For more information, see the [Github announcement](https://github.com/aspnet/Announcements/issues/416).
### Additional fixes in this release
* [CoreCLR](https://github.com/dotnet/coreclr/issues?utf8=%E2%9C%93&q=milestone%3A3.1.4+label%3Aservicing-approved)
@ -162,4 +166,3 @@ The update addresses the vulnerability by correcting how the ASP.NET Core web ap
[dotnet-sdk-win-x86.zip]: https://download.visualstudio.microsoft.com/download/pr/c29c71b2-87fd-4054-89d1-48c257265d03/ef377454ac4a0d520cd97950d0d006fc/dotnet-sdk-3.1.104-win-x86.zip
[//]: # ( Symbols )