maxmustermann
/
dotnet-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove locales and update MSRC portal URL (#5563) 

* Remove locales and update MSRC portal URL

* update msdn and technet links
This commit is contained in:
Maira Wenzel 2020-11-11 09:30:17 -08:00 committed by GitHub
parent b3cf0820d4
commit 5c686ef1e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
113 changed files with 543 additions and 543 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Documentation/diagnostics/portable_pdb.md
View File

@ -25,7 +25,7 @@ Portable PDBs can be read on any operating system, but there are a number of pla
* Some symbol servers (ex: SymbolSource.org [does not](https://github.com/SymbolSource/SymbolSource/issues/7#issuecomment-399747015), nuget.org [does](https://blog.nuget.org/20181116/Improved-debugging-experience-with-the-NuGet-org-symbol-server-and-snupkg.html))
* Running post-compilation build step that consumes or modifies the PDB using older versions of tools such as CCI, CodeContracts.
* Using .NET decompilers such as ildasm or .Net reflector and expecting to see source line mappings or local parameter names
* [MS DIA](https://msdn.microsoft.com/en-us/library/ee8x173s.aspx)-based tools such as WinDBG.
* [MS DIA](https://docs.microsoft.com/previous-versions/visualstudio/visual-studio-2015/debugger/debug-interface-access/debug-interface-access-sdk-reference)-based tools such as WinDBG.
Over time we plan to shrink this list of non-supported scenarios so that portable PDB can become the default choice for most usage needs.

6
Documentation/microsoft-team.md
View File

@ -13,7 +13,7 @@ You need to join teams in two organizations. Click the two links:
* [Join the dotnet org and the microsoft team in that org](https://repos.opensource.microsoft.com/dotnet/teams/microsoft/join/)
* [Join the microsoft org and the dotnet team in that org](https://repos.opensource.microsoft.com/Microsoft/teams/dotnet/join/)
After you join the teams:
After you join the teams:
* Users will be able to @mention you on [.NET Core Repos](https://github.com/dotnet/core/blob/master/Documentation/core-repos.md)
* You will be able to access to private repos we maintain
@ -54,11 +54,11 @@ Join teams to gain write access to repos:
Enabling 2FA doesn't necessarily mean your account is secure. SMS (phone texts) is [not secure](https://en.wikipedia.org/wiki/SIM_swap_scam) as a 2FA method and should be avoided if possible. You can see [failed login attempts](https://github.com/settings/security-log?q=action%3Auser.failed_login) on your account to get some sense of the risk you have.
The following best practices are required for org owners, and recommended for repo admins.
The following best practices are required for org owners, and recommended for repo admins.
* Do register a [security key(s)](https://www.yubico.com/works-with-yubikey/catalog/github/) as a two factor method.
* Do register an authenticator app -- registering a one-time-password with an app like 1Password is recommended (not tied to your phone).
* Do store recorvery codes in a safe place, like [OneDrive Vault](https://www.microsoft.com/en-us/microsoft-365/onedrive/personal-vault), 2FA-protected OneNote or in a password vault like 1Password.
* Do store recorvery codes in a safe place, like [OneDrive Vault](https://www.microsoft.com/microsoft-365/onedrive/personal-vault), 2FA-protected OneNote or in a password vault like 1Password.
* Do register your GitHub account with your 2FA-protected Facebook account for GitHub account recovery. This is the absolute last recovery option and is considered secure (even if your Facebook account is breached).
* Do not use SMS for 2FA or as a recovery fallback.

6
SECURITY.md
View File

@ -6,9 +6,9 @@ The .NET Core and ASP.NET Core support policy, including supported versions can
## Reporting a Vulnerability
Security issues and bugs should be reported privately to the Microsoft Security Response Center (MSRC), either by emailing secure@microsoft.com or via the portal at https://msrc.microsoft.com.
You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your
original message. Further information, including the MSRC PGP key, can be found in the [MSRC Report an Issue FAQ](https://www.microsoft.com/en-us/msrc/faqs-report-an-issue).
Security issues and bugs should be reported privately to the Microsoft Security Response Center (MSRC), either by emailing secure@microsoft.com or via the portal at https://msrc.microsoft.com.
You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your
original message. Further information, including the MSRC PGP key, can be found in the [MSRC Report an Issue FAQ](https://www.microsoft.com/msrc/faqs-report-an-issue).
Reports via MSRC may qualify for the .NET Core Bug Bounty. Details of the .NET Core Bug Bounty including terms and conditions are at [https://aka.ms/corebounty](https://aka.ms/corebounty).

4
os-lifecycle-policy.md
View File

@ -1,6 +1,6 @@
# .NET Core Supported OS Lifecycle Policy
.NET Core is [supported by Microsoft](microsoft-support.md) on a range of operating systems.
.NET Core is [supported by Microsoft](microsoft-support.md) on a range of operating systems.
Each supported operating system has a lifecycle defined by its sponsor organization (for example, Microsoft, Red Hat, or Apple). The .NET Core team applies each of those lifecycle schedules to inform adding and removing support for operating system versions.
@ -34,6 +34,6 @@ When a new operating system version is made available, we will typically support
Occasionally, we may not adhere to a strict interpretation of the policy for supported OS platforms. Instead, we may choose to offer support on an OS platform that is out of support. Or we may choose to exclude a supported platform for specific reasons.
One example is Windows 7 SP1. Windows 7 SP1 is out of support, but enterprise customers can buy [Extended Security Updates](https://docs.microsoft.com/en-us/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq), and many do. Given the widespread use of Windows 7 in the .NET ecosystem we chose to include Windows 7 SP1 (with Extended Security Updates installed) as a supported platform for .NET 5.0. Another example is Windows Server 2012. Windows Server 2012 is currently in support but not included in the supported platform list for .NET 5.0 because a newer version is available in the Server 2012 family - Server 2012 R2.
One example is Windows 7 SP1. Windows 7 SP1 is out of support, but enterprise customers can buy [Extended Security Updates](https://docs.microsoft.com/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq), and many do. Given the widespread use of Windows 7 in the .NET ecosystem we chose to include Windows 7 SP1 (with Extended Security Updates installed) as a supported platform for .NET 5.0. Another example is Windows Server 2012. Windows Server 2012 is currently in support but not included in the supported platform list for .NET 5.0 because a newer version is available in the Server 2012 family - Server 2012 R2.
**_When there is a conflict between our general policy for supported platforms and the specific supported platforms documented for a given release of .NET the supported platform list for the specific version of .NET will supersede the general policy._**

28
product-roadmap/current.md
View File

@ -7,9 +7,9 @@ The .NET product roadmap communicates project priorities for evolving and extend
These are some of the high level themes for the .NET 5.0 release. A more comprehensive list of the work were doing organized by technology can be found further below in this document.
- Developers can build great cloud infrastructure components with .NET.
- Developers can build great mobile apps for new devices with .NET 5 we will support not only the latest in iOS and Android, but unify the platform and deliver first-class support for delivering cross-platform applications.
- .NET 5.0 has excellent fundamentals - continue to deliver on reliability, performance, diagnosability, compliance, security, acquisition and deployment.
- .NET 5.0 has excellent fundamentals - continue to deliver on reliability, performance, diagnosability, compliance, security, acquisition and deployment.
These are some key moments in our .NET 5.0 roadmap.
These are some key moments in our .NET 5.0 roadmap.
| Date | Moment/Rally Point | Key Message |
| :-------- | :----------------- | :-------------- |
@ -59,7 +59,7 @@ Items in each section include the following icons:
- ![Completed](media/status-completed.png "Completed icon") Using the same conventions as development to keep it consistent
- ![Completed](media/status-completed.png "Completed icon") Support Azure Functions in development
- ![In Progress](media/status-in-progress.png "In Progress icon") VS Code tooling
## EF
[EF Core 5.0 plan](https://docs.microsoft.com/ef/core/what-is-new/ef-core-5.0/plan)
@ -77,7 +77,7 @@ Items in each section include the following icons:
- ![Completed](media/status-completed.png "Completed icon") Performance improvements
## ML.NET
- ![Completed](media/status-completed.png "Completed icon") Local GPU training for Image Classification in Model Builder
- ![Completed](media/status-completed.png "Completed icon") Add Ranking scenario to local ML.NET AutoML API
- ![Completed](media/status-completed.png "Completed icon") Add new algorithm and root cause detection for anomaly detection
@ -131,7 +131,7 @@ Please see the following links to view work items and themes across:
### C# 9
- ![Completed](media/status-completed.png "Completed icon") [Target-typed new](https://github.com/dotnet/csharplang/issues/100)
- ![Completed](media/status-completed.png "Completed icon") [Target-typed new](https://github.com/dotnet/csharplang/issues/100)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Relax ordering of `ref` and `partial` modifiers](https://github.com/dotnet/csharplang/issues/946)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Parameter null-checking](https://github.com/dotnet/csharplang/issues/2145)
- ![Completed](media/status-completed.png "Completed icon") [Skip locals init](https://github.com/dotnet/csharplang/issues/1738)
@ -210,8 +210,8 @@ Please see the following links to view work items and themes across:
- ![In Progress](media/status-in-progress.png "In Progress icon") Keep pace with changes in the underlying OS to ensure compatibility with the latest changes in Win10.
## Xamarin
- ![Completed](media/status-completed.png "Completed icon") [Android 11 / API 30 Support](https://docs.microsoft.com/en-us/xamarin/android/release-notes/11/11.0)
- ![Completed](media/status-completed.png "Completed icon") [Android smaller APK sizes](https://docs.microsoft.com/en-us/xamarin/android/release-notes/11/11.0#smaller-app-package-sizes)
- ![Completed](media/status-completed.png "Completed icon") [Android 11 / API 30 Support](https://docs.microsoft.com/xamarin/android/release-notes/11/11.0)
- ![Completed](media/status-completed.png "Completed icon") [Android smaller APK sizes](https://docs.microsoft.com/xamarin/android/release-notes/11/11.0#smaller-app-package-sizes)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Xcode 12 and iOS 14 Support](https://github.com/xamarin/xamarin-macios/issues/8931)
- ![In Progress](media/status-in-progress.png "In Progress icon") Hot Restart for Android
- ![In Progress](media/status-in-progress.png "In Progress icon") AndroidX and Google Play Services Bindings Updates
@ -219,13 +219,13 @@ Please see the following links to view work items and themes across:
- ![In Planning](media/status-in-planning.png "In Planning icon") Xamarin.Essentials integration to .NET 6 BCL (System namespace)
### Xamarin.Forms 5
- ![Completed](media/status-completed.png "Completed icon") [AppTheme aka Dark Mode support](https://docs.microsoft.com/en-us/xamarin/xamarin-forms/user-interface/theming/system-theme-changes)
- ![In Progress](media/status-in-progress.png "In Progress icon") [CarouselView](https://docs.microsoft.com/en-us/xamarin/xamarin-forms/user-interface/carouselview/)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Drag-and-drop Gestures](https://docs.microsoft.com/en-us/xamarin/xamarin-forms/app-fundamentals/gestures/drag-and-drop)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Gradient and Solid Brushes](https://docs.microsoft.com/en-us/xamarin/xamarin-forms/user-interface/brushes/)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Shapes and Paths](https://docs.microsoft.com/en-us/xamarin/xamarin-forms/user-interface/shapes/)
- ![In Progress](media/status-in-progress.png "In Progress icon") [SwipeView](https://docs.microsoft.com/en-us/xamarin/xamarin-forms/user-interface/swipeview)
- ![Completed](media/status-completed.png "Completed icon") [AppTheme aka Dark Mode support](https://docs.microsoft.com/xamarin/xamarin-forms/user-interface/theming/system-theme-changes)
- ![In Progress](media/status-in-progress.png "In Progress icon") [CarouselView](https://docs.microsoft.com/xamarin/xamarin-forms/user-interface/carouselview/)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Drag-and-drop Gestures](https://docs.microsoft.com/xamarin/xamarin-forms/app-fundamentals/gestures/drag-and-drop)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Gradient and Solid Brushes](https://docs.microsoft.com/xamarin/xamarin-forms/user-interface/brushes/)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Shapes and Paths](https://docs.microsoft.com/xamarin/xamarin-forms/user-interface/shapes/)
- ![In Progress](media/status-in-progress.png "In Progress icon") [SwipeView](https://docs.microsoft.com/xamarin/xamarin-forms/user-interface/swipeview)
### Xamarin.Forms vNext (.NET MAUI)
- ![In Progress](media/status-in-progress.png "In Progress icon") [Slim Renderers](https://github.com/dotnet/maui/issues/28) - performance improvements, decouple from bindable, and introduce interfaces
- ![In Progress](media/status-in-progress.png "In Progress icon") [Slim Renderers](https://github.com/dotnet/maui/issues/28) - performance improvements, decouple from bindable, and introduce interfaces
- ![In Planning](media/status-in-planning.png "In Planning icon") WinUI 3 Support - [testing integration](https://github.com/xamarin/Xamarin.Forms/pull/11955)

2
release-notes/1.0/1.0-supported-os.md
View File

@ -15,7 +15,7 @@ Windows Server | 2008 R2 SP1 - 2016* | x64, x86 |
\* Supported by latest patch release of .NET Core 1.1
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
## macOS

8
release-notes/1.0/1.0.0-known-issues.md
View File

@ -130,7 +130,7 @@ With 1.0.0 of .NET Core, all applications that target .NET Core and run on Windo
If the dependency is not present, applications will fail to run and errors will be thrown, e.g.
```The program can't start because api-ms-win-crt-runtime-1-1-0.dll is missing from your computer. Try reinstalling the program to fix this problem.```
The UCRT dependency can be installed via Windows Update (name: "Update for Universal C Runtime in Windows", per <https://support.microsoft.com/en-us/kb/2999226>) and, as a recommended update, it will be installed automatically if the user uses the default settings for Windows Update. It can also be downloaded from [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=48234).
The UCRT dependency can be installed via Windows Update (name: "Update for Universal C Runtime in Windows", per <https://support.microsoft.com/kb/2999226>) and, as a recommended update, it will be installed automatically if the user uses the default settings for Windows Update. It can also be downloaded from [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=48234).
- https://github.com/dotnet/corefx/issues/9083
- https://github.com/dotnet/corefx/issues/9389
@ -221,8 +221,8 @@ This process will ensure that that the dotnet host finds the appropriate APIs it
Some libraries that P/Invoke into api-set's and target .NET Framework in our nuget packages might fail to run on Windows 7.
**Workarounds:**
Some of the api-sets are installed by the UCRT update: <https://support.microsoft.com/en-us/kb/2999226>
and <https://support.microsoft.com/en-us/kb/2790113> but these installations may not be a comprehensive fix.
Some of the api-sets are installed by the UCRT update: <https://support.microsoft.com/kb/2999226>
and <https://support.microsoft.com/kb/2790113> but these installations may not be a comprehensive fix.
- If you're using project.json you can just reference the Microsoft.NETCore.Windows.ApiSets package from your app and be sure to deploy for runtime win7-x86 or win7-x64, as appropriate.
@ -232,6 +232,6 @@ and <https://support.microsoft.com/en-us/kb/2790113> but these installations ma
## Bash on Ubuntu on Windows
[Bash on Windows (WSL)](https://msdn.microsoft.com/en-us/commandline/wsl/about) is not yet supported by .NET Core. Attempting to run applications in the environment can experience intermittent crashes.
[Bash on Windows (WSL)](https://docs.microsoft.com/windows/wsl/about) is not yet supported by .NET Core. Attempting to run applications in the environment can experience intermittent crashes.
- https://github.com/Microsoft/BashOnWindows/issues/520

4
release-notes/1.0/1.0.1-release-notes.md
View File

@ -6,7 +6,7 @@ A few highlights on this release can be read about on the [.NET Blog](https://bl
This release coincides with a security advisory for MVC. See the following for additional details.
* [Advisory](https://technet.microsoft.com/en-us/en-us/library/3181759.aspx)
* [Advisory](https://docs.microsoft.com/security-updates/SecurityAdvisories/2016/3181759)
* [Announcement](https://github.com/aspnet/Announcements/issues/203)
* [Discussion](https://github.com/aspnet/Mvc/issues/5271)
@ -31,4 +31,4 @@ The fix list below includes a number of components under the .NET Core umbrella
### ASP.NET Core
* Please see the [ASP.NET Core release page](https://github.com/aspnet/home/releases/1.0.1) for details on fixes for ASP.NET Core, MVC, Entity Framework Core and other components.
* Please see the [ASP.NET Core release page](https://github.com/aspnet/home/releases/1.0.1) for details on fixes for ASP.NET Core, MVC, Entity Framework Core and other components.

4
release-notes/1.0/1.0.15/1.0.15.md
View File

@ -28,9 +28,9 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
## Changes in 1.0.15
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0757)
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0757)
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
The security update addresses the vulnerability by correcting how NuGet restore creates file permissions for all files extracted to the client machine.

12
release-notes/1.0/1.0.16/1.0.16.md
View File

@ -28,7 +28,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
## Changes in 1.0.16
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0820)
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0820)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -39,12 +39,12 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how .NET Core applications handle RegEx string processing.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Text.RegularExpressions.dll | 4.3.0 | 4.3.1
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0980)
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0980)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -59,8 +59,8 @@ The update addresses the vulnerability by correcting how .NET Core and ASP.NET C
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0981)
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0981)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

48
release-notes/1.0/cli-known-issues.md
View File

@ -21,9 +21,9 @@ Known issues & workarounds
# Preview 2 tooling known issues
## OpenSSL dependency on OS X
OS X "El Capitan" (10.11) comes with 0.9.8 version of OpenSSL. .NET Core depends on versions >= 1.0.1 of OpenSSL. You can update the version by using [Homebrew](https://brew.sh), [MacPorts](https://www.macports.org/) or manually. The important bit is that you need to have the required OpenSSL version on the path when you work with .NET Core.
OS X "El Capitan" (10.11) comes with 0.9.8 version of OpenSSL. .NET Core depends on versions >= 1.0.1 of OpenSSL. You can update the version by using [Homebrew](https://brew.sh), [MacPorts](https://www.macports.org/) or manually. The important bit is that you need to have the required OpenSSL version on the path when you work with .NET Core.
With Homebrew, you can run the following commands to get this done:
With Homebrew, you can run the following commands to get this done:
```console
brew update
@ -54,41 +54,41 @@ deprecated system version while using the headers from the Homebrew version.
Instead, pass the full include/library paths to your compiler e.g.:
-I/usr/local/opt/openssl/include -L/usr/local/opt/openssl/lib
```
This is due to a recent update from `brew` where it refuses to link `openssl`. The installation steps have been updated with instructions on how to deal with this.
This is due to a recent update from `brew` where it refuses to link `openssl`. The installation steps have been updated with instructions on how to deal with this.
## Users of zsh (z shell) don't get `dotnet` on the path after install
There is a known issue in oh-my-zsh installer that interferes with how `path_helper` works on OS X systems. In short,
the said installer creates a `.zshrc` file which contains the exploded path at the time of installation. This clobbers
any dynamically generated path, such as the one generated by `path_helper`.
There is a known issue in oh-my-zsh installer that interferes with how `path_helper` works on OS X systems. In short,
the said installer creates a `.zshrc` file which contains the exploded path at the time of installation. This clobbers
any dynamically generated path, such as the one generated by `path_helper`.
There is an [outstanding PR](https://github.com/robbyrussell/oh-my-zsh/pull/4925) on the oh-my-zsh repo for this.
There is an [outstanding PR](https://github.com/robbyrussell/oh-my-zsh/pull/4925) on the oh-my-zsh repo for this.
**Workaround 1:** symlink the `dotnet` binary in the installation directory to a place in the global path, e.g. `/usr/local/bin`.
**Workaround 1:** symlink the `dotnet` binary in the installation directory to a place in the global path, e.g. `/usr/local/bin`.
The command you can use is:
```console
ln -s /usr/local/share/dotnet/dotnet /usr/local/bin
```
**Workaround 2:** edit your `.zshrc` and/or `.zshprofile` files to add the `/usr/local/share/dotnet` to the $PATH.
**Workaround 2:** edit your `.zshrc` and/or `.zshprofile` files to add the `/usr/local/share/dotnet` to the $PATH.
## `app.config` file needs to be checked out before publishing
## `app.config` file needs to be checked out before publishing
If you have an `app.config` file in source control that places locks on local files (such as TFS), you will receive the following error during publishing:
```console
Failed to make the following project runnable: <project name> reason: Access to the path <path> is denied.
```
To resolve this, checkout the `app.config` file from the source control prior to publishing.
To resolve this, checkout the `app.config` file from the source control prior to publishing.
## `dotnet` commands in the root of the file system fails
If you run any `dotnet` command on project and code files that reside in the root of the file system (`/` in Linux/macOS or `C:\` in Windows) it may fail due to security reasons. The most common error that is encountered is:
> Object reference not set to an instance of an object.
This affects the situation where the actual code files are in the root. So, the example path that would trigger this behavior would be `/project.json` or `C:\project.json` on UNIX or Windows respectively.
This affects the situation where the actual code files are in the root. So, the example path that would trigger this behavior would be `/project.json` or `C:\project.json` on UNIX or Windows respectively.
**Workaround:** use a directory to store your projects and source files.
**Workaround:** use a directory to store your projects and source files.
**More information:** https://github.com/NuGet/Home/issues/3038
@ -110,15 +110,15 @@ When using non-release versions of the CLI, `dotnet restore` will fail to restor
```
## Running `dotnet` on Debian distributions causes a segmentation fault
If a Debian machine is set in a certain way it may cause the native host (`dotnet`) to produce a segmentation fault. The culprit is the failed installation of the `libicu` dependency due to mirror package repository setup. If you fail to set up mirror package repositories, `apt-get` may not be able to resolve the dependency and the host will fail at runtime.
If a Debian machine is set in a certain way it may cause the native host (`dotnet`) to produce a segmentation fault. The culprit is the failed installation of the `libicu` dependency due to mirror package repository setup. If you fail to set up mirror package repositories, `apt-get` may not be able to resolve the dependency and the host will fail at runtime.
**Affects:** the native host
**Workaround:** make sure that all of the [native pre-requisites](../Documentation/prereqs.md) are installed correctly. You can usually do this by running `apt-get` package manager.
**Workaround:** make sure that all of the [native pre-requisites](../Documentation/prereqs.md) are installed correctly. You can usually do this by running `apt-get` package manager.
## Uninstalling/reinstalling the PKG on OS X
OS X doesn't really have an uninstall capacity for PKGs like Windows has for
MSIs. There is, however, a way to remove the bits as well as the "recipe" for
OS X doesn't really have an uninstall capacity for PKGs like Windows has for
MSIs. There is, however, a way to remove the bits as well as the "recipe" for
dotnet. More information can be found on [this SuperUser question](https://superuser.com/questions/36567/how-do-i-uninstall-any-apple-pkg-package-file).
# Preview 3 tooling known issues
@ -139,18 +139,18 @@ you don't restore on macOS/Linux machines:
> /usr/local/share/dotnet/sdk/1.0.0-preview3-004056/Microsoft.Common.CurrentVersion.targets(1107,5): error MSB3644: The reference assemblies for framework ".NETFramework,Version=v4.0" were not found. To resolve this, install the SDK or Targeting Pack for this framework version or retarget your application to a version of the framework for which you have the SDK or Targeting Pack installed. Note that assemblies will be resolved from the Global Assembly Cache (GAC) and will be used in place of reference assemblies. Therefore your assembly may not be correctly targeted for the framework you intend.
If you don't get this error on a Windows machine, that is most likely due to the fact that the targeting pack for .NET Framework 4.0 are installed. To be sure that you have the targets, run restore again if you are not sure.
If you don't get this error on a Windows machine, that is most likely due to the fact that the targeting pack for .NET Framework 4.0 are installed. To be sure that you have the targets, run restore again if you are not sure.
## `dotnet test` has changed from Preview 2 `dotnet test`
As part of the overall Preview 3 work, `dotnet test` command has been been revised and is quite different in usage and behavior then Preview 2 `dotnet test` command. Please consult the official [dotnet test
docs](https://docs.microsoft.com/en-us/dotnet/articles/core/preview3/tools/dotnet-test) for more information and expect more documentation in coming days.
docs](https://docs.microsoft.com/dotnet/articles/core/preview3/tools/dotnet-test) for more information and expect more documentation in coming days.
# What is this document about?
This document outlines the known issues and workarounds for the current state of
the CLI tools. Issues will also have a workaround and affects sections if necessary. You can use this page to
# What is this document about?
This document outlines the known issues and workarounds for the current state of
the CLI tools. Issues will also have a workaround and affects sections if necessary. You can use this page to
get information and get unblocked.
# What is a "known issue"?
A "known issue" is a major issue that block users in doing their everyday tasks and that affect all or
most of the commands in the CLI tools. If you want to report or see minor issues, you can use the [issues list](https://github.com/dotnet/cli/issues).
A "known issue" is a major issue that block users in doing their everyday tasks and that affect all or
most of the commands in the CLI tools. If you want to report or see minor issues, you can use the [issues list](https://github.com/dotnet/cli/issues).

16
release-notes/1.0/sdk/1.0-rc3-implicit-package-refs.md
View File

@ -1,27 +1,27 @@
## Implicit metapackage package reference in the .NET Core SDK - Visual Studio 2017 RC3
While working with the previous versions of the .NET Core tooling (both project.json and csproj-based tools), you probably have become acquainted with the concept of the "metapackage". It is a dependency/package reference (for example, `Microsoft.NETCore.App` or `NetStandard.Library`) that you add to your project in addition to the target framework (for example, `netcoreapp1.0` or `netstandard1.6`).
During the previous months, we've received a lot of feedback that having two data points in the project file is confusing, especially for the upgrade scenario. For example, if you wanted to upgrade from `netcoreapp1.0` to `netcoreapp1.1`, you had to change the target framework **as well** as change the version of the metapackage. This led many users to errors and weird behaviors.
During the previous months, we've received a lot of feedback that having two data points in the project file is confusing, especially for the upgrade scenario. For example, if you wanted to upgrade from `netcoreapp1.0` to `netcoreapp1.1`, you had to change the target framework **as well** as change the version of the metapackage. This led many users to errors and weird behaviors.
As part of the RC3 release of the [.NET Core SDK](https://github.com/dotnet/sdk), we've moved to the model where the SDK implies a certain version of the `Microsoft.NETCore.App` and `NetStandard.Library` metapackages based on the framework you're targeting. This change makes targeting easier. The intent is for developers to target .NET Core or .NET Standard using just the targeted framework. The package is, in this context, a pure implementation detail that the developer doesn't have to worry about.
### Behavior description
The metapackage included is tied to the target framework. That means that for `netcoreapp1.0` a proper version of the `Microsoft.NETCore.App` metapackage is referenced. Same goes for `netcoreapp1.1` target framework as well as `netstandard1.x` target frameworks.
The metapackage included is tied to the target framework. That means that for `netcoreapp1.0` a proper version of the `Microsoft.NETCore.App` metapackage is referenced. Same goes for `netcoreapp1.1` target framework as well as `netstandard1.x` target frameworks.
As far as the rest of the behavior is concerned, the tools will work as expected and most of the gestures will remain the same (for example, `dotnet restore`).
As far as the rest of the behavior is concerned, the tools will work as expected and most of the gestures will remain the same (for example, `dotnet restore`).
### Migrating a project
If you have an existing reference to the metapackage in your project.json, the migration (both in `dotnet migrate` as well as Visual Studio 2017) will include that reference in your new csproj project. This will cause the tools to issue the following warning when you try to build your project:
> A PackageReference for [metapackage ID] was included in your project. This package is implicitly referenced by the .NET SDK and you do not typically need to reference it from your project. For more information, see https://aka.ms/sdkimplicitrefs.
This warning simply means that you probably want to remove that package reference from your project file. If you do keep it, the specified version of the metapackage will be used.
This warning simply means that you probably want to remove that package reference from your project file. If you do keep it, the specified version of the metapackage will be used.
## Recommendations
With this new feature, you might be wondering when you should specify a version of the metapackage in the project and when not. Here is the overall guidance:
* For new projects, you should use the template and not add an explicit reference to any metapackage.
* For existing projects, you should remove the reference.
* For new projects, you should use the template and not add an explicit reference to any metapackage.
* For existing projects, you should remove the reference.
* If you need a specific version of the runtime, you should use the `<RuntimeFrameworkVersion>` property in your project (for example, `1.0.4`) instead of referencing the metapackage.
* This might happen if you are using [self-contained deployments](https://docs.microsoft.com/en-us/dotnet/articles/core/preview3/deploying/#self-contained-deployments-scd) and you need a specific patch version of 1.0.0 LTS runtime, for example.
* If you need a specific version of the `NetStandard.Library` metapackage, you can use the `<NetStandardImplicitPackageVersion>` property and set the version you need.
* This might happen if you are using [self-contained deployments](https://docs.microsoft.com/dotnet/articles/core/preview3/deploying/#self-contained-deployments-scd) and you need a specific patch version of 1.0.0 LTS runtime, for example.
* If you need a specific version of the `NetStandard.Library` metapackage, you can use the `<NetStandardImplicitPackageVersion>` property and set the version you need.

4
release-notes/1.1/1.1.12/1.1.12.md
View File

@ -28,9 +28,9 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
## Changes in 1.1.12
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0757)
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0757)
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
The security update addresses the vulnerability by correcting how NuGet restore creates file permissions for all files extracted to the client machine.

12
release-notes/1.1/1.1.13/1.1.13.md
View File

@ -28,7 +28,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
## Changes in 1.1.13
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0820)
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0820)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -39,12 +39,12 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how .NET Core applications handle RegEx string processing.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Text.RegularExpressions.dll | 4.3.0 | 4.3.1
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0980)
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0980)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -59,8 +59,8 @@ The update addresses the vulnerability by correcting how .NET Core and ASP.NET C
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0981)
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0981)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

4
release-notes/2.0/2.0-supported-os.md
View File

@ -18,7 +18,7 @@ Windows Client | 7 SP1+, 8.1 | x64, x86 |
Windows 10 Client | Version 1607+ | x64, x86 |
Windows Server | 2008 R2 SP1+ | x64, x86 |
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
## macOS
@ -30,7 +30,7 @@ Mac OS X | 10.12+ | x64 |
OS | Version | Architectures | Notes
------------------------------|-------------------------------|----------------|-----
Red Hat Enterprise Linux | 6 | x64 | [Microsoft support policy](https://dotnet.microsoft.com/platform/support/policy/)
Red Hat Enterprise Linux | 6 | x64 | [Microsoft support policy](https://dotnet.microsoft.com/platform/support/policy/)
Red Hat Enterprise Linux <br> CentOS <br> Oracle Linux | 7 | x64 | [Red Hat support policy](https://access.redhat.com/support/policy/updates/errata/) <br> [CentOS lifecycle](https://wiki.centos.org/FAQ/General#head-fe8a0be91ee3e7dea812e8694491e1dde5b75e6d) <br> [Oracle Linux lifecycle](https://www.oracle.com/a/ocom/docs/elsp-lifetime-069338.pdf)
Fedora | 28, 27 | x64 | [Fedora lifecycle](https://fedoraproject.org/wiki/End_of_life)
Debian | 9, 8.7+ | x64 | [Debian lifecycle](https://wiki.debian.org/DebianReleases)

6
release-notes/2.1/2.1-supported-os.md
View File

@ -16,9 +16,9 @@ Windows Client | 7 SP1(**\***), 8.1 | x64, x86 |
Windows 10 Client | Version 1607+ | x64, x86 | 1607 is the minimum version for support. See [Out of support OS versions](#out-of-support-os-versions) below for Windows 10 releases that are no longer supported.
Windows Server | 2008 R2 SP1+ | x64, x86 |
**\*** Windows 7 SP1 is supported with [Extended Security Updates](https://docs.microsoft.com/en-us/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq) installed.
**\*** Windows 7 SP1 is supported with [Extended Security Updates](https://docs.microsoft.com/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq) installed.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
## macOS
@ -51,7 +51,7 @@ Support for the following versions was ended by the distribution owners and are
|OS | Version | End of Life |
|-----------|----------|-------------|
| Windows 10| 1703 | [10/08/2019](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) |
| Windows 10| 1703 | [10/08/2019](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) |
| Fedora | 30 | [26/05/2020](https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/7UTUFY7WEL6RTFRXJB75XAFH44Y6RPUC/) |
| Fedora | 29 | [11/26/2019](https://lists.fedoraproject.org/archives/list/announce@lists.fedoraproject.org/thread/BB4ECDFSJ66AQU63ZKNYROEFMMLSLFUK/) |
| Fedora | 28 | [05/28/2019](https://fedoramagazine.org/fedora-28-end-of-life/) |

2
release-notes/2.1/2.1.10/2.1.10-download.md
View File

@ -14,7 +14,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.506](#downloads) |
| Visual Studio 2019 (Windows) | [2.1.603](../2.1.603-SDK/2.1.603-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

2
release-notes/2.1/2.1.10/2.1.10.md
View File

@ -8,7 +8,7 @@
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.506](#downloads) |
| Visual Studio 2019 (Windows) | [2.1.603](../2.1.603-SDK/2.1.603-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)

2
release-notes/2.1/2.1.11/2.1.11-download.md
View File

@ -14,7 +14,7 @@ See the [Release Notes](2.1.11.md) for details about what is included in this up
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.507](#downloads) |
| Visual Studio 2019 (Windows) | [2.1.604](../2.1.604-SDK/2.1.604-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

50
release-notes/2.1/2.1.11/2.1.11.md
View File

@ -8,7 +8,7 @@
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.507](#downloads) |
| Visual Studio 2019 (Windows) | [2.1.604](../2.1.604-SDK/2.1.604-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)
@ -60,7 +60,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.1.11 release carries both security and non-security fixes.
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0820)
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0820)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -71,28 +71,12 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how .NET Core applications handle RegEx string processing.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Text.RegularExpressions.dll | 4.3.0 | 4.3.1
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0980)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial of service vulnerability exists when .NET Core and ASP.NET Core improperly handle web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core and ASP.NET Core application. The vulnerability can be exploited remotely, without authentication.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Core application.
The update addresses the vulnerability by correcting how .NET Core and ASP.NET Core web applications handle web requests.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0981)
System.Text.RegularExpressions.dll | 4.3.0 | 4.3.1
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0980)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -107,8 +91,8 @@ The update addresses the vulnerability by correcting how .NET Core and ASP.NET C
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0982)
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0981)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -119,10 +103,26 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how .NET Core and ASP.NET Core web applications handle web requests.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0982)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial of service vulnerability exists when .NET Core and ASP.NET Core improperly handle web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core and ASP.NET Core application. The vulnerability can be exploited remotely, without authentication.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Core application.
The update addresses the vulnerability by correcting how .NET Core and ASP.NET Core web applications handle web requests.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
### Additional fixes in this release

2
release-notes/2.1/2.1.12/2.1.12-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.1.605](2.1.605-sdk-download.md) |
| Visual Studio 2019 version 16.1 (Windows) | [2.1.701](2.1.701-sdk-download.md) |
| Visual Studio 2019 version 16.2 (Windows) | [2.1.801](2.1.801-sdk-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

10
release-notes/2.1/2.1.12/2.1.12.md
View File

@ -2,7 +2,7 @@
.NET Core 2.1.12 is available for [download](2.1.12-download.md) and usage in your environment. This release includes .NET Core 2.1.12, ASP.NET Core 2.1.12 and the .NET Core SDK.
The July Update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual Studio 2019, Visual Studio 2017 or Visual Studio for Mac user, there are MSBuild version requirements that are satisfied by specific, matching .NET Core SDK versions. See the table below to select the correct download. Otherwise, the best version to download is [.NET Core SDK 2.1.801](2.1.801-sdk-download.md).
The July Update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual Studio 2019, Visual Studio 2017 or Visual Studio for Mac user, there are MSBuild version requirements that are satisfied by specific, matching .NET Core SDK versions. See the table below to select the correct download. Otherwise, the best version to download is [.NET Core SDK 2.1.801](2.1.801-sdk-download.md).
| OS | Development Environment | .NET Core SDK |
| :-- | :-- | :--: |
@ -11,7 +11,7 @@ The July Update for .NET Core 2.1 includes multiple SDK builds. If you are a Vis
| Windows | Visual Studio 2019 version 16.1 | [2.1.701](2.1.701-sdk-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.1.605](2.1.605-sdk-download.md) |
| Windows | Visual Studio 2017 | [2.1.508](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)
@ -57,7 +57,7 @@ The images are expected to be available later today.
.NET Core 1.0 and 1.1 reached end of support lifecycle on June 27, 2019 and will no longer receive updates going forward. See [.NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core) to learn more about the .NET Core support lifecycle.
Debian 10 GA finally released and we expect .NET Core availability on it later this month.
Debian 10 GA finally released and we expect .NET Core availability on it later this month.
See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blob/master/os-lifecycle-policy.md) to learn about Windows, macOS and Linux versions that are supported for each .NET Core release.
@ -65,7 +65,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.1.12 release carries both security and non-security fixes.
* [CVE-2019-1075: ASP.NET Core Spoofing Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1075)
* [CVE-2019-1075: ASP.NET Core Spoofing Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1075)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -76,7 +76,7 @@ To exploit the vulnerability, an attacker could send a link that has a specially
The update addresses the vulnerability by correcting how ASP.NET Core parses URLs.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.AspNetCore.Server.HttpSys | 2.1.0, 2.1.1<br/>2.2.0 | 2.1.12<br/>2.2.6

2
release-notes/2.1/2.1.12/2.1.605-sdk-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.1.605](#downloads) |
| Visual Studio 2019 version 16.1 (Windows) | [2.1.701](2.1.701-sdk-download.md) |
| Visual Studio 2019 version 16.2 (Windows) | [2.1.801](2.1.801-sdk-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

2
release-notes/2.1/2.1.12/2.1.701-sdk-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.1.605](2.1.605-sdk-download.md) |
| Visual Studio 2019 version 16.1 (Windows) | [2.1.701](#downloads) |
| Visual Studio 2019 version 16.2 (Windows) | [2.1.801](2.1.801-sdk-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

2
release-notes/2.1/2.1.12/2.1.801-sdk-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.1.605](2.1.605-sdk-download.md) |
| Visual Studio 2019 version 16.1 (Windows) | [2.1.701](2.1.701-sdk-download.md) |
| Visual Studio 2019 version 16.2 (Windows) | [2.1.801](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

2
release-notes/2.1/2.1.13/2.1.13-download.md
View File

@ -16,7 +16,7 @@ The September Update for .NET Core 2.1 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.1.802](2.1.802-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.1.606](2.1.606-download.md) |
| Windows | Visual Studio 2017 | [2.1.509](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Downloads

8
release-notes/2.1/2.1.13/2.1.13.md
View File

@ -10,7 +10,7 @@ The September Update for .NET Core 2.1 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.1.802](2.1.802-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.1.606](2.1.606-download.md) |
| Windows | Visual Studio 2017 | [2.1.509](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)
@ -56,7 +56,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.1.13 release carries both security and non-security fixes.
### [CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1302)
### [CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1302)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -72,7 +72,7 @@ Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.AspNetCore.SpaServices | 2.1.0-2.1.2 <br> 2.2.0 | 2.1.2 <br> 2.2.1
### [CVE-2019-1301: Denial of Service Vulnerability in .NET Core](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1301)
### [CVE-2019-1301: Denial of Service Vulnerability in .NET Core](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1301)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -87,7 +87,7 @@ Package name | Vulnerable versions | Secure versions
System.Net.Sockets | 4.3.0 | 4.3.1
Microsoft.NetCore.App | 2.1.0 - 2.1.12 <br> 2.2.0 - 2.2.6 | 2.1.13 <br> 2.2.7
### [CVE-2018-8269: Denial of Service Vulnerability in OData](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8269)
### [CVE-2018-8269: Denial of Service Vulnerability in OData](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8269)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

2
release-notes/2.1/2.1.13/2.1.606-download.md
View File

@ -16,7 +16,7 @@ The September Update for .NET Core 2.1 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.1.802](2.1.802-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.1.606](#downloads) |
| Windows | Visual Studio 2017 | [2.1.509](2.1.13-download.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Downloads

2
release-notes/2.1/2.1.13/2.1.802-download.md
View File

@ -16,7 +16,7 @@ The September Update for .NET Core 2.1 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.1.802](#downloads) |
| Windows | Visual Studio 2019 version 16.0 | [2.1.606](2.1.606-download.md) |
| Windows | Visual Studio 2017 | [2.1.509](2.1.13-download.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Downloads

2
release-notes/2.1/2.1.14/2.1.14.md
View File

@ -32,7 +32,7 @@ The November Update for .NET Core 2.1 includes multiple SDK builds. If you are a
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.607](2.1.607-download.md) |
| Windows | Visual Studio 2017 | [2.1.510](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker Images

2
release-notes/2.1/2.1.14/2.1.607-download.md
View File

@ -29,7 +29,7 @@ The November Update for .NET Core 2.1 includes multiple SDK builds. If you are a
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.607](#downloads) |
| Windows | Visual Studio 2017 | [2.1.510](2.1.14.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

6
release-notes/2.1/2.1.15/2.1.15.md
View File

@ -33,7 +33,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.608](2.1.608-download.md) |
| Windows | Visual Studio 2017 | [2.1.511](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
@ -71,7 +71,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.1.15 release carries both security and non-security fixes.
### [CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0602)
### [CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0602)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -89,7 +89,7 @@ Microsoft.AspNetCore.Http.Connections | 1.0.0 - 1.0.4 | 1.0.15
Microsoft.AspNetCore.App | 2.1.0 - 2.1.14 <br> 3.0.0 <br> 3.1.0 | 2.1.15 <br> 3.0.1 <br> 3.1.1
Microsoft.AspNetCore.All | 2.1.0 - 2.1.14 | 2.0.15
### [CVE-2020-0603: ASP.NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0603)
### [CVE-2020-0603: ASP.NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0603)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

2
release-notes/2.1/2.1.15/2.1.608-download.md
View File

@ -29,7 +29,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.608](#downloads) |
| Windows | Visual Studio 2017 | [2.1.511](2.1.15.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.15/2.1.803-download.md
View File

@ -29,7 +29,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.608](2.1.608-download.md) |
| Windows | Visual Studio 2017 | [2.1.511](2.1.15.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.16/2.1.16.md
View File

@ -33,7 +33,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.609](2.1.609-download.md) |
| Windows | Visual Studio 2017 | [2.1.512](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
Note: This is not a security release hence this update will not be immediately available through Visual Studio. However, this is expected to show up in Visual Studio's March servicing release.

2
release-notes/2.1/2.1.16/2.1.609-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.609](#downloads) |
| Windows | Visual Studio 2017 | [2.1.512](2.1.16.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.16/2.1.804-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.609](2.1.609-download.md) |
| Windows | Visual Studio 2017 | [2.1.512](2.1.16.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.17/2.1.17.md
View File

@ -32,7 +32,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.610](2.1.610-download.md) |
| Windows | Visual Studio 2017 | [2.1.513](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
Note: This is not a security release hence this update will not be immediately available through Visual Studio. However, this is expected to show up in Visual Studio's March servicing release.

2
release-notes/2.1/2.1.17/2.1.610-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.610](#downloads) |
| Windows | Visual Studio 2017 | [2.1.513](2.1.17.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.17/2.1.805-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.609](2.1.609-download.md) |
| Windows | Visual Studio 2017 | [2.1.512](2.1.17.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.18/2.1.18-install-instructions.md
View File

@ -93,7 +93,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.18-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-may-2020/
[dotnet-hosting-win.exe]: https://download.visualstudio.microsoft.com/download/pr/95f36881-f24a-4e5a-bff9-74dba1c5ae60/04384e05d0ddf9098288c5c01f79ad01/dotnet-hosting-2.1.18-win.exe

4
release-notes/2.1/2.1.18/2.1.18.md
View File

@ -32,7 +32,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.611](2.1.611-download.md) |
| Windows | Visual Studio 2017 | [2.1.514](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
Note: This is not a security release hence this update will not be immediately available through Visual Studio. However, this is expected to show up in Visual Studio's March servicing release.
@ -66,7 +66,7 @@ Alpine 3.8 has been out of support since [May 01, 2020](https://wiki.alpinelinux
.NET Core 2.1.18 release carries both security and non-security fixes.
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1108)
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1108)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

4
release-notes/2.1/2.1.18/2.1.611-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.611](#downloads) |
| Windows | Visual Studio 2017 | [2.1.514](2.1.18.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker
@ -103,7 +103,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.18-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

4
release-notes/2.1/2.1.18/2.1.806-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.611](2.1.611-download.md) |
| Windows | Visual Studio 2017 | [2.1.514](2.1.18.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker
@ -117,7 +117,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.18-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

2
release-notes/2.1/2.1.19/2.1.19-install-instructions.md
View File

@ -93,7 +93,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.19-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-june-2020/
[dotnet-hosting-win.exe]: https://download.visualstudio.microsoft.com/download/pr/988d236a-30bf-4e96-8063-665d27c922c9/b793025960eaf182d8f32e723ad9b47a/dotnet-hosting-2.1.19-win.exe

4
release-notes/2.1/2.1.19/2.1.19.md
View File

@ -32,7 +32,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.612](2.1.612-download.md) |
| Windows | Visual Studio 2017 | [2.1.515](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
Note: This is not a security release hence this update will not be immediately available through Visual Studio. However, this is expected to show up in Visual Studio's March servicing release.
@ -62,7 +62,7 @@ Alpine 3.12 and Centos 8 have been added as [supported OS](../2.1-supported-os.m
.NET Core 2.1.19 release carries a security fix.
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1108)
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1108)
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the [Release Notes](https://github.com/dotnet/announcements/issues/157) for the latest version numbers and instructions for updating .NET Core.

4
release-notes/2.1/2.1.19/2.1.612-download.md
View File

@ -29,7 +29,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.612](#downloads) |
| Windows | Visual Studio 2017 | [2.1.515](2.1.19.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker
@ -102,7 +102,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.19-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

4
release-notes/2.1/2.1.19/2.1.807-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.612](2.1.612-download.md) |
| Windows | Visual Studio 2017 | [2.1.515](2.1.19.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker
@ -117,7 +117,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.19-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

2
release-notes/2.1/2.1.20/2.1.20-install-instructions.md
View File

@ -93,7 +93,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.20-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-june-2020/
[dotnet-hosting-win.exe]: https://download.visualstudio.microsoft.com/download/pr/fa2c9d72-dda4-4b9c-ae58-97d4f36dbd63/fb2dfa6b0fede5d060ee3bae9d4223f5/dotnet-hosting-2.1.20-win.exe

4
release-notes/2.1/2.1.20/2.1.20.md
View File

@ -32,7 +32,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.613](2.1.613-download.md) |
| Windows | Visual Studio 2017 | [2.1.516](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
Note: This is not a security release hence this update will not be immediately available through Visual Studio. However, this is expected to show up in Visual Studio's March servicing release.
@ -58,7 +58,7 @@ The images are expected to be available later today.
.NET Core 2.1.20 release carries both security and non-security fixes.
### [CVE-2020-1147 | NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1147)
### [CVE-2020-1147 | NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1147)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

4
release-notes/2.1/2.1.20/2.1.613-download.md
View File

@ -29,7 +29,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.613](#downloads) |
| Windows | Visual Studio 2017 | [2.1.516](2.1.20.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker
@ -102,7 +102,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.20-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

4
release-notes/2.1/2.1.20/2.1.808-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.613](2.1.613-download.md) |
| Windows | Visual Studio 2017 | [2.1.516](2.1.20.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker
@ -117,7 +117,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.20-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

2
release-notes/2.1/2.1.21/2.1.21-install-instructions.md
View File

@ -93,7 +93,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.21-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-august-2020/
[dotnet-hosting-win.exe]: https://download.visualstudio.microsoft.com/download/pr/ddde4319-0780-4b63-95e0-6dffc6445475/8545d6638e0b94440ed56f57f5a15410/dotnet-hosting-2.1.21-win.exe

4
release-notes/2.1/2.1.21/2.1.21.md
View File

@ -32,7 +32,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.614](2.1.614-download.md) |
| Windows | Visual Studio 2017 | [2.1.517](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
Note: This is not a security release hence this update will not be immediately available through Visual Studio. However, this is expected to show up in Visual Studio's March servicing release.
@ -58,7 +58,7 @@ The images are expected to be available later today.
.NET Core 2.1.21 release carries both security and non-security fixes.
### [CVE-2020-1597 | NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1597)
### [CVE-2020-1597 | NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1597)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

2
release-notes/2.1/2.1.21/2.1.614-download.md
View File

@ -29,7 +29,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.614](#downloads) |
| Windows | Visual Studio 2017 | [2.1.517](2.1.21.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.21/2.1.809-download.md
View File

@ -30,7 +30,7 @@ This update for .NET Core 2.1 includes multiple SDK builds. If you are a Visual
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.1.614](2.1.614-download.md) |
| Windows | Visual Studio 2017 | [2.1.517](2.1.21.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

2
release-notes/2.1/2.1.22/2.1.22.md
View File

@ -58,7 +58,7 @@ The images are expected to be available later today.
.NET Core 2.1.22 release carries both security and non-security fixes.
### [CVE-2020-1045 | Microsoft ASP.NET Core Security Feature Bypass Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1045)
### [CVE-2020-1045 | Microsoft ASP.NET Core Security Feature Bypass Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1045)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

2
release-notes/2.1/2.1.22/2.1.615-download.md
View File

@ -102,7 +102,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.22-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-september-2020/

2
release-notes/2.1/2.1.23/2.1.616-download.md
View File

@ -102,7 +102,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/2.1.23-sha.txt
[linux-install]: https://www.microsoft.com/net/download/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/

6
release-notes/2.1/2.1.400-SDK/2.1.400-sdk.md
View File

@ -1,6 +1,6 @@
# .NET Core 2.1.400 SDK Update - August 14, 2018
.NET Core SDK 2.1.400 is available for download and usage in your environment. This includes the [2.1.2 Runtime](https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.2.md) that shipped in July 2018. This release also ships with [Visual Studio 15.8](https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes#NETCoreSDK2.1.400).
.NET Core SDK 2.1.400 is available for download and usage in your environment. This includes the [2.1.2 Runtime](https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.2.md) that shipped in July 2018. This release also ships with [Visual Studio 15.8](https://docs.microsoft.com/visualstudio/releasenotes/vs2017-relnotes#NETCoreSDK2.1.400).
* [Downloads](#downloads)
* [Changes in this release](#notable-changes-in-sdk-21400)
@ -32,14 +32,14 @@ The following repos have been updated
See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blob/master/os-lifecycle-policy.md) to learn about Windows, macOS and Linux versions that are supported for each .NET Core release.
## Notable Changes in SDK 2.1.400
## Notable Changes in SDK 2.1.400
* Added nunit templates.
* Added support for signed global tools. [dotnet/cli#9224](https://github.com/dotnet/cli/issues/9224)
* Improved help text. [dotnet/cli#7431](https://github.com/dotnet/cli/issues/7431), [dotnet/cli#9230](https://github.com/dotnet/cli/issues/9230), [dotnet/cli#9165](https://github.com/dotnet/cli/issues/9165)
* Added support for interactive restore/add package to support NuGet and VSTS. authenticated feeds. [NuGet/Home#7017](https://github.com/NuGet/Home/issues/7017), [NuGet/Home#6642](https://github.com/NuGet/Home/issues/6642)
* Added error codes to all SDK error messages. [dotnet/cli#2269](https://github.com/dotnet/sdk/pull/2269)
* Highlights of included tools:
* Updates to Visual Basic and F# 4.5 as described in the [Visual Studio Release Notes](https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes)
* Updates to Visual Basic and F# 4.5 as described in the [Visual Studio Release Notes](https://docs.microsoft.com/visualstudio/releasenotes/vs2017-relnotes)
[dlc-runtime]: https://download.microsoft.com/download/1/f/7/1f7755c5-934d-4638-b89f-1f4ffa5afe89
[dlc-sdk]: https://download.microsoft.com/download/9/D/2/9D2354BE-778B-42D6-BA4F-3CEF489A4FDE

2
release-notes/2.1/2.1.502-SDK/2.1.502.md
View File

@ -1,6 +1,6 @@
# .NET Core SDK 2.1.502 - December 11, 2018
.NET Core SDK 2.1.502 is available for download and usage in your environment. This release includes the previously released .NET Core 2.1.6. The .NET Core SDK 2.1.502 matches what is included in [Visual Studio 2017 version 15.9.4](https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes#15.9.4).
.NET Core SDK 2.1.502 is available for download and usage in your environment. This release includes the previously released .NET Core 2.1.6. The .NET Core SDK 2.1.502 matches what is included in [Visual Studio 2017 version 15.9.4](https://docs.microsoft.com/visualstudio/releasenotes/vs2017-relnotes#15.9.4).
All fixes of note can be seen in the [.NET Core 2.1.502 commits](2.1.502-commits.md) list.
* [Downloads](#downloads)

2
release-notes/2.1/2.1.603-SDK/2.1.603-SDK-download.md
View File

@ -12,7 +12,7 @@ This .NET Core SDK release is the version which shipped with Visual Studio 2019
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.506](../2.1.10/2.1.10-download.md) |
| Visual Studio 2019 (Windows) | [2.1.603](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

2
release-notes/2.1/2.1.604-SDK/2.1.604-SDK-download.md
View File

@ -12,7 +12,7 @@ This .NET Core SDK release is the version which shipped with Visual Studio 2019.
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.507](../2.1.11/2.1.11-download.md) |
| Visual Studio 2019 (Windows) | [2.1.604](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

2
release-notes/2.1/2.1.700-SDK/2.1.700-SDK-download.md
View File

@ -12,7 +12,7 @@ This .NET Core SDK release is the version which shipped with Visual Studio 2019
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.1.507](../2.1.11/2.1.11-download.md) |
| Visual Studio 2019 (Windows) | [2.1.700](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

4
release-notes/2.1/2.1.9/2.1.9.md
View File

@ -48,9 +48,9 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
## Changes in 2.1.9
.NET Core 2.1.9 release carries both security and non-security fixes.
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0757)
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0757)
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
The security update addresses the vulnerability by correcting how NuGet restore creates file permissions for all files extracted to the client machine.

2
release-notes/2.2/2.2-supported-os.md
View File

@ -17,7 +17,7 @@ Windows 10 Client | Version 1607+ | x64, x86 |
Windows Server | 2008 R2 SP1+ | x64, x86 |
Nano Server | Version 1709+ | x64, ARM32 |
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
## macOS

2
release-notes/2.2/2.2.203-SDK/2.2.203-SDK-download.md
View File

@ -12,7 +12,7 @@ This .NET Core SDK release is the version which shipped with Visual Studio 2019
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.106](../2.2.4/2.2.4-download.md) |
| Visual Studio 2019 (Windows) | [2.2.203](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

2
release-notes/2.2/2.2.204-SDK/2.2.204-SDK-download.md
View File

@ -12,7 +12,7 @@ This .NET Core SDK release is the version which shipped with Visual Studio 2019.
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.107](../2.2.5/2.2.5-download.md) |
| Visual Studio 2019 (Windows) | [2.2.204](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

4
release-notes/2.2/2.2.3/2.2.3.md
View File

@ -49,9 +49,9 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.2.3 release carries both security and non-security fixes.
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0757)
* [CVE-2019-0657: .NET Core NuGet Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0757)
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that an attacker can login as any other user on that machine. At that point, the attacker will be able to replace or add to files that were created by a NuGet restore operation in the current users account.
The security update addresses the vulnerability by correcting how NuGet restore creates file permissions for all files extracted to the client machine.

2
release-notes/2.2/2.2.300-SDK/2.2.300-SDK-download.md
View File

@ -12,7 +12,7 @@ This .NET Core SDK release is the version which shipped with Visual Studio 2019
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.107](../2.2.5/2.2.5-download.md) |
| Visual Studio 2019 (Windows) | [2.2.300](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

2
release-notes/2.2/2.2.4/2.2.4-download.md
View File

@ -14,7 +14,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.106](#downloads) |
| Visual Studio 2019 (Windows) | [2.2.203](../2.2.203-SDK/2.2.203-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

2
release-notes/2.2/2.2.4/2.2.4.md
View File

@ -8,7 +8,7 @@
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.106](#downloads) |
| Visual Studio 2019 (Windows) | [2.2.203](../2.2.203-SDK/2.2.203-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)

2
release-notes/2.2/2.2.5/2.2.5-download.md
View File

@ -14,7 +14,7 @@ See the [Release Notes](2.2.5.md) for details about what is included in this upd
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.107](#downloads) |
| Visual Studio 2019 (Windows) | [2.2.204](../2.2.204-SDK/2.2.204-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads

26
release-notes/2.2/2.2.5/2.2.5.md
View File

@ -8,7 +8,7 @@
| :-- | :--: |
| Visual Studio 2017 (Windows) | [2.2.107](#downloads) |
| Visual Studio 2019 (Windows) | [2.2.204](../2.2.204-SDK/2.2.204-SDK-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)
@ -57,7 +57,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.2.5 release carries both security and non-security fixes.
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0820)
* [CVE-2019-0820: .NET Core Tampering Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0820)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -68,12 +68,12 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how .NET Core applications handle RegEx string processing.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Text.RegularExpressions.dll | 4.3.0 | 4.3.1
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0980)
System.Text.RegularExpressions.dll | 4.3.0 | 4.3.1
* [CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0980)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -87,9 +87,9 @@ The update addresses the vulnerability by correcting how .NET Core and ASP.NET C
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0981)
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0981)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and ASP.NET Core 1.0, 1.1, 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -103,9 +103,9 @@ The update addresses the vulnerability by correcting how .NET Core and ASP.NET C
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
System.Private.Uri | 4.3.0, 4.3.1 | 4.3.2
* [CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0982)
* [CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0982)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -116,10 +116,10 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.
**Affected Package and Binary updates**
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.AspNetCore.SignalR.Protocols.MessagePack | 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4<br/>1.1.0 | 1.0.11<br/>1.1.5
Microsoft.AspNetCore.SignalR.Protocols.MessagePack | 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4<br/>1.1.0 | 1.0.11<br/>1.1.5
### Additional fixes in this release
* [CoreCLR](https://github.com/dotnet/coreclr/issues?utf8=%E2%9C%93&q=milestone%3A2.2.5+label%3Aservicing-approved)

2
release-notes/2.2/2.2.6/2.2.205-sdk-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.2.205](#downloads) |
| Visual Studio 2019 version 16.1 (Windows) | [2.2.301](2.2.301-sdk-download.md) |
| Visual Studio 2019 version 16.2 (Windows) | [2.2.401](2.2.401-sdk-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

2
release-notes/2.2/2.2.6/2.2.301-sdk-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.2.205](2.2.205-sdk-download.md) |
| Visual Studio 2019 version 16.1 (Windows) | [2.2.301](#downloads) |
| Visual Studio 2019 version 16.2 (Windows) | [2.2.401](2.2.401-sdk-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

2
release-notes/2.2/2.2.6/2.2.401-sdk-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.2.205](2.2.205-sdk-download.md) |
| Visual Studio 2019 version 16.1 (Windows) | [2.2.301](2.2.301-sdk-download.md) |
| Visual Studio 2019 version 16.2 (Windows) | [2.2.401](#downloads) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

2
release-notes/2.2/2.2.6/2.2.6-download.md
View File

@ -16,7 +16,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| Visual Studio 2019 version 16.0 (Windows) | [2.2.205](2.2.205-sdk-download.md) |
| Visual Studio 2019 version 16.1 (Windows) | [2.2.301](2.2.301-sdk-download.md) |
| Visual Studio 2019 version 16.2 (Windows) | [2.2.401](2.2.401-sdk-download.md) |
| Visual Studio for Mac | https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support |
| Visual Studio for Mac | https://docs.microsoft.com/visualstudio/mac/net-core-support |
## Downloads
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime |

6
release-notes/2.2/2.2.6/2.2.6.md
View File

@ -11,7 +11,7 @@ The July Update for .NET Core 2.1 includes multiple SDK builds. If you are a Vis
| Windows | Visual Studio 2019 version 16.1 | [2.2.301](2.2.301-sdk-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.2.205](2.2.205-sdk-download.md) |
| Windows | Visual Studio 2017 | [2.2.108](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
* [Blog Post][dotnet-blog]
* [Downloads](#downloads)
@ -54,7 +54,7 @@ The images are expected to be available later today.
.NET Core 1.0 and 1.1 reached end of support lifecycle on June 27, 2019 and will no longer receive updates going forward. See [.NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core) to learn more about the .NET Core support lifecycle.
Debian 10 GA finally released and we expect .NET Core availability on it later this month.
Debian 10 GA finally released and we expect .NET Core availability on it later this month.
See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blob/master/os-lifecycle-policy.md) to learn about Windows, macOS and Linux versions that are supported for each .NET Core release.
@ -62,7 +62,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 2.2.6 release carries both security and non-security fixes.
* [CVE-2019-1075: ASP.NET Core Spoofing Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1075)
* [CVE-2019-1075: ASP.NET Core Spoofing Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1075)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 2.1 and 2.2. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

2
release-notes/2.2/2.2.7/2.2.206-download.md
View File

@ -16,7 +16,7 @@ The September Update for .NET Core 2.2 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.2.402](2.2.402-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.2.206](#downloads) |
| Windows | Visual Studio 2017 | [2.2.109](2.2.7-download.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Downloads

2
release-notes/2.2/2.2.7/2.2.402-download.md
View File

@ -16,7 +16,7 @@ The September Update for .NET Core 2.2 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.2.402](#downloads) |
| Windows | Visual Studio 2019 version 16.0 | [2.2.206](2.2.206-download.md) |
| Windows | Visual Studio 2017 | [2.2.109](2.2.7-download.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Downloads

2
release-notes/2.2/2.2.7/2.2.7-download.md
View File

@ -16,7 +16,7 @@ The September Update for .NET Core 2.2 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.2.402](2.2.402-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.2.206](2.2.206-download.md) |
| Windows | Visual Studio 2017 | [2.2.109](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Downloads

8
release-notes/2.2/2.2.7/2.2.7.md
View File

@ -40,7 +40,7 @@ The September Update for .NET Core 2.2 includes multiple SDK builds. If you are
| Windows | Visual Studio 2019 version 16.2 | [2.2.402](2.2.402-download.md) |
| Windows | Visual Studio 2019 version 16.0 | [2.2.206](2.2.206-download.md) |
| Windows | Visual Studio 2017 | [2.2.109](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
### Docker Images
@ -62,7 +62,7 @@ The images are expected to be available later today.
.NET Core 2.2.7 release carries both security and non-security fixes.
### [CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1302)
### [CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1302)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -78,7 +78,7 @@ Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.AspNetCore.SpaServices | 2.1.0-2.1.2 <br> 2.2.0 | 2.1.2 <br> 2.2.1
### [CVE-2019-1301: Denial of Service Vulnerability in .NET Core](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1301)
### [CVE-2019-1301: Denial of Service Vulnerability in .NET Core](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1301)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -93,7 +93,7 @@ Package name | Vulnerable versions | Secure versions
System.Net.Sockets | 4.3.0 | 4.3.1
Microsoft.NetCore.App | 2.1.0 - 2.1.12 <br> 2.2.0 - 2.2.6 | 2.1.13 <br> 2.2.7
###[CVE-2018-8269: Denial of Service Vulnerability in OData](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8269)
###[CVE-2018-8269: Denial of Service Vulnerability in OData](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8269)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

4
release-notes/2.2/2.2.8/2.2.207-download.md
View File

@ -24,14 +24,14 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
## Visual Studio Compatibility
The November Update for .NET Core 2.2 includes multiple SDK builds. If you are a Visual Studio 2019, Visual Studio 2017 or Visual Studio for Mac user, there are MSBuild version requirements that are satisfied by specific, matching .NET Core SDK versions. See the table below to select the correct download.
The November Update for .NET Core 2.2 includes multiple SDK builds. If you are a Visual Studio 2019, Visual Studio 2017 or Visual Studio for Mac user, there are MSBuild version requirements that are satisfied by specific, matching .NET Core SDK versions. See the table below to select the correct download.
| OS | Development Environment | .NET Core SDK |
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.2.207](#downloads) |
| Windows | Visual Studio 2017 | [2.2.110](2.2.8-download.md) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
## Docker

4
release-notes/2.2/2.2.8/2.2.8.md
View File

@ -26,13 +26,13 @@ We've created an issue at [dotnet/core #3848](https://github.com/dotnet/core/iss
### Visual Studio Compatibility
The November Update for .NET Core 2.2 includes multiple SDK builds. If you are a Visual Studio 2019, Visual Studio 2017 or Visual Studio for Mac user, there are MSBuild version requirements that are satisfied by specific, matching .NET Core SDK versions. See the table below to select the correct download.
The November Update for .NET Core 2.2 includes multiple SDK builds. If you are a Visual Studio 2019, Visual Studio 2017 or Visual Studio for Mac user, there are MSBuild version requirements that are satisfied by specific, matching .NET Core SDK versions. See the table below to select the correct download.
| OS | Development Environment | .NET Core SDK |
| :-- | :-- | :--: |
| Windows | Visual Studio 2019 version 16.0 | [2.2.207](2.2.207-download.md) |
| Windows | Visual Studio 2017 | [2.2.110](#downloads) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/en-us/visualstudio/mac/net-core-support) |
| MacOS | Visual Studio for Mac | [Visual Studio for Mac .NET Core Support](https://docs.microsoft.com/visualstudio/mac/net-core-support) |
### Docker Images

2
release-notes/3.0/3.0-supported-os.md
View File

@ -17,7 +17,7 @@ Windows 10 Client | Version 1607+ | x64, x86 |
Nano Server | Version 1803+ | x64, ARM32 |
Windows Server | 2012 R2+ | x64, x86 |
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
## macOS

14
release-notes/3.0/3.0.2/3.0.2.md
View File

@ -14,7 +14,7 @@ Your feedback is important and appreciated. We've created an issue at [dotnet/co
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz]<sup>1</sup> | - |
| Checksums | [SDK][checksums-sdk] | - | [Runtime][checksums-runtime] | - | - | - |
@ -58,7 +58,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 3.0.2 release carries both security and non-security fixes.
### [CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0602)
### [CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0602)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -76,7 +76,7 @@ Microsoft.AspNetCore.Http.Connections | 1.0.0 - 1.0.4 | 1.0.15
Microsoft.AspNetCore.App | 2.1.0 - 2.1.14 <br> 3.0.0 <br> 3.1.0 | 2.1.15 <br> 3.0.1 <br> 3.1.1
Microsoft.AspNetCore.All | 2.1.0 - 2.1.14 | 2.0.15
### [CVE-2020-0603: ASP.NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0603)
### [CVE-2020-0603: ASP.NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0603)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -96,7 +96,7 @@ Microsoft.AspNetCore.App | 2.1.0 - 2.1.14 <br> 3.0.0 <br> 3.1.0 | 2.1.15 <br> 3
Microsoft.AspNetCore.All | 2.1.0 - 2.1.14 | 2.1.15
### [CVE-2020-0605: .NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0605)
### [CVE-2020-0605: .NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0605)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -108,10 +108,10 @@ The security update addresses the vulnerability by correcting how .NET Core chec
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.1.0 | 3.1.1
### [CVE-2020-0606: .NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0606)
### [CVE-2020-0606: .NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0606)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -123,7 +123,7 @@ The security update addresses the vulnerability by correcting how .NET Core chec
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.1.0 | 3.1.1
### Additional fixes in this release

6
release-notes/3.1/3.1-supported-os.md
View File

@ -17,10 +17,10 @@ Windows 10 Client | Version 1607+ | x64, x86 |
Nano Server | Version 1803+ | x64, ARM32 |
Windows Server | 2012 R2+ | x64, x86 |
**\*** Windows 7 SP1 is supported with [Extended Security Updates](https://docs.microsoft.com/en-us/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq) installed.
**\*** Windows 7 SP1 is supported with [Extended Security Updates](https://docs.microsoft.com/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq) installed.
s
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
See the [Windows Lifecycle Fact Sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for details regarding each Windows release lifecycle.
## macOS
@ -51,7 +51,7 @@ Support for the following versions was ended by the distribution owners and are
|OS | Version | End of Life | Supported Version|
|-----------|----------|-------------|------------------|
| Windows 10| 1703 | [10/08/2019](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) |
| Windows 10| 1703 | [10/08/2019](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) |
| Fedora | 30 | [26/05/2020](https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/7UTUFY7WEL6RTFRXJB75XAFH44Y6RPUC/) |
| Alpine | 3.8 | [05/01/2020](https://wiki.alpinelinux.org/wiki/Alpine_Linux:Releases) |
| Ubuntu | 19.04 | [01/23/2020](https://wiki.ubuntu.com/Releases) |

2
release-notes/3.1/3.1.0/3.1.0-install-instructions.md
View File

@ -14,7 +14,7 @@ The [.NET Core Docker images](https://hub.docker.com/r/microsoft/dotnet/) have b
## Installing .NET Core on Linux
See our [Linux package manager](https://docs.microsoft.com/en-us/dotnet/core/install/linux-package-manager-rhel7) pages for details on installing .NET Core using package managers.
See our [Linux package manager](https://docs.microsoft.com/dotnet/core/install/linux-package-manager-rhel7) pages for details on installing .NET Core using package managers.
### Install using Snap

14
release-notes/3.1/3.1.1/3.1.1.md
View File

@ -19,7 +19,7 @@ Your feedback is important and appreciated. We've created an issue at [dotnet/co
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -64,7 +64,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
.NET Core 3.1.1 release carries both security and non-security fixes.
### [CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0602)
### [CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0602)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -82,7 +82,7 @@ Microsoft.AspNetCore.Http.Connections | 1.0.0 - 1.0.4 | 1.0.15
Microsoft.AspNetCore.App | 2.1.0 - 2.1.14 <br> 3.0.0 <br> 3.1.0 | 2.1.15 <br> 3.0.1 <br> 3.1.1
Microsoft.AspNetCore.All | 2.1.0 - 2.1.14 | 2.1.15
### [CVE-2020-0603: ASP.NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0603)
### [CVE-2020-0603: ASP.NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0603)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -102,7 +102,7 @@ Microsoft.AspNetCore.App | 2.1.0 - 2.1.14 <br> 3.0.0 <br> 3.1.0 | 2.1.15 <br> 3
Microsoft.AspNetCore.All | 2.1.0 - 2.1.14 | 2.1.15
### [CVE-2020-0605: .NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0605)
### [CVE-2020-0605: .NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0605)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -114,10 +114,10 @@ The security update addresses the vulnerability by correcting how .NET Core chec
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.1.0 | 3.1.1
### [CVE-2020-0606: .NET Core Remote Code Execution Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0606)
### [CVE-2020-0606: .NET Core Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0606)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -129,7 +129,7 @@ The security update addresses the vulnerability by correcting how .NET Core chec
Package name | Vulnerable versions | Secure versions
------------ | ------------------- | -------------------------
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.0.0 - 3.0.1 | 3.0.2
Microsoft.WindowsDesktop.App | 3.1.0 | 3.1.1

6
release-notes/3.1/3.1.10/3.1.10.md
View File

@ -18,7 +18,7 @@ The .NET 3.1.10 and .NET SDK 3.1.110 releases are available for download. The la
</br>
The .NET SDK includes a matching updated .NET Runtime. Downloading the Runtime or ASP.NET Core packages is not needed when installing the SDK.
The .NET SDK includes a matching updated .NET Runtime. Downloading the Runtime or ASP.NET Core packages is not needed when installing the SDK.
You can check your .NET SDK version by running the following command. The example version shown is for this release.
@ -26,7 +26,7 @@ You can check your .NET SDK version by running the following command. The exampl
$ dotnet --version
3.1.110
```
Visit [.NET Documentation](https://docs.microsoft.com/en-us/dotnet/core/) to learn about .NET, for building many different types of applications.
Visit [.NET Documentation](https://docs.microsoft.com/dotnet/core/) to learn about .NET, for building many different types of applications.
</br>
@ -75,7 +75,7 @@ The following repos have been updated.
## Adding a switch to enable sending ISO-8859-1 headers with SocketsHttpHandler
Since the introduction of `SocketsHttpHandler` in .NET Core 2.1, an attempt to send non-ASCII characters in HTTP headers throws an `HttpRequestException`. This (RFC-conform) behavior turned out to be a blocker for some users trying to migrate from .NET Framework. In .NET 5 we are addressing this by the introduction of [`SocketsHttpHandler.RequestHeaderEncodingSelector`](https://docs.microsoft.com/en-us/dotnet/api/system.net.http.socketshttphandler.requestheaderencodingselector?view=net-5.0). To unblock users who are not (yet) able to migrate to .NET 5.0, we also added a runtime-configuration switch as part of .NET Core 3.1 servicing. This switch allows relaxing the HTTP header validation, enabling `SocketsHttpHandler` to send ISO-8859-1 (Latin-1) encoded characters in headers.
Since the introduction of `SocketsHttpHandler` in .NET Core 2.1, an attempt to send non-ASCII characters in HTTP headers throws an `HttpRequestException`. This (RFC-conform) behavior turned out to be a blocker for some users trying to migrate from .NET Framework. In .NET 5 we are addressing this by the introduction of [`SocketsHttpHandler.RequestHeaderEncodingSelector`](https://docs.microsoft.com/dotnet/api/system.net.http.socketshttphandler.requestheaderencodingselector?view=net-5.0). To unblock users who are not (yet) able to migrate to .NET 5.0, we also added a runtime-configuration switch as part of .NET Core 3.1 servicing. This switch allows relaxing the HTTP header validation, enabling `SocketsHttpHandler` to send ISO-8859-1 (Latin-1) encoded characters in headers.
- `AppContext` switch: `System.Net.Http.SocketsHttpHandler.AllowLatin1Headers`. `false` - disabled, `true` - enabled
- Environment variable: `DOTNET_SYSTEM_NET_HTTP_SOCKETSHTTPHANDLER_ALLOWLATIN1HEADERS`. `0` - disabled, `1` - enabled

4
release-notes/3.1/3.1.2/3.1.2.md
View File

@ -19,7 +19,7 @@ Your feedback is important and appreciated. We've created an issue at [dotnet/co
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -70,7 +70,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo
* [ASP.NETCore](https://github.com/search?q=is%3Apr+label%3AServicing-approved+milestone%3A3.1.2+repo%3Adotnet%2Faspnetcore+repo%3Adotnet%2Fextensions+repo%3Adotnet%2Faspnetcore-tooling+repo%3Adotnet%2Fblazor+repo%3Adotnet%2Fefcore+repo%3Adotnet%2Fef6)
### macOS Notarization Change
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://review.docs.microsoft.com/en-us/dotnet/core/install/macos-notarization-issues?branch=pr-en-us-17092). If you want to opt into using the AppHost, please use following:
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://review.docs.microsoft.com/dotnet/core/install/macos-notarization-issues?branch=pr-en-us-17092). If you want to opt into using the AppHost, please use following:
```
<PropertyGroup>
<UseAppHost>true</UseAppHost>

4
release-notes/3.1/3.1.3/3.1.3.md
View File

@ -18,7 +18,7 @@ Your feedback is important and appreciated. We've created an issue at [dotnet/co
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -63,7 +63,7 @@ The following repos have been updated
* [Core-Setup](https://github.com/dotnet/core-setup/issues?utf8=✓&q=milestone:3.1.3+label:servicing-approved)
### macOS Notarization Change
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/en-us/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, please use following:
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, please use following:
```
<PropertyGroup>
<UseAppHost>true</UseAppHost>

4
release-notes/3.1/3.1.4/3.1.202-download.md
View File

@ -13,7 +13,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -119,7 +119,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.4-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-march-2020/

2
release-notes/3.1/3.1.4/3.1.4-install-instructions.md
View File

@ -90,7 +90,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.4-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

10
release-notes/3.1/3.1.4/3.1.4.md
View File

@ -18,7 +18,7 @@ Your feedback is important and appreciated. We've created an issue at [dotnet/co
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -65,7 +65,7 @@ Alpine 3.8 has been out of support since [May 01, 2020](https://wiki.alpinelinux
.NET Core 3.1.4 release carries both security and non-security fixes.
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1108)
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1108)
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -75,7 +75,7 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
For more information, see the [Github announcement](https://github.com/dotnet/announcements/issues/156).
### [CVE-2020-1161: ASP.NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1161)
### [CVE-2020-1161: ASP.NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1161)
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
@ -95,7 +95,7 @@ For more information, see the [Github announcement](https://github.com/aspnet/An
* [Core-Setup](https://github.com/dotnet/core-setup/issues?utf8=✓&q=milestone:3.1.4+label:servicing-approved)
### macOS Notarization Change
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/en-us/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, please use following:
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, please use following:
```
<PropertyGroup>
<UseAppHost>true</UseAppHost>
@ -377,7 +377,7 @@ dotnet-svcutil.xmlserializer | 1.2.0
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.4-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-may-2020/
[aspnet-blog]: https://devblogs.microsoft.com/aspnet/asp-net-core-updates-in-net-core-3-1/

4
release-notes/3.1/3.1.5/3.1.301-download.md
View File

@ -13,7 +13,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -119,7 +119,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.5-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-march-2020/

2
release-notes/3.1/3.1.5/3.1.5-install-instructions.md
View File

@ -90,7 +90,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.5-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/

8
release-notes/3.1/3.1.5/3.1.5.md
View File

@ -18,7 +18,7 @@ Your feedback is important and appreciated. We've created an issue at [dotnet/co
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -60,7 +60,7 @@ Alpine 3.12 and Centos 8 has been added as [supported OS](../3.1-supported-os.md
.NET Core 3.1.5 release carries both security and non-security fixes.
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1108)
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1108)
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the [Release Notes](https://github.com/dotnet/announcements/issues/157) for the latest version numbers and instructions for updating .NET Core.
@ -76,7 +76,7 @@ A remote unauthenticated attacker could exploit this vulnerability by issuing sp
* [Core-Setup](https://github.com/dotnet/core-setup/issues?utf8=✓&q=milestone:3.1.5+label:servicing-approved)
### macOS Notarization Change
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/en-us/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, please use following:
Running "dotnet build" will generate dll instead of binary on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, please use following:
```
<PropertyGroup>
<UseAppHost>true</UseAppHost>
@ -366,7 +366,7 @@ microsoft.build.utilities.core | 16.6.0.nupkg
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.5-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-june-2020/
[aspnet-blog]: https://devblogs.microsoft.com/aspnet/asp-net-core-updates-in-net-core-3-1/

4
release-notes/3.1/3.1.6/3.1.302-download.md
View File

@ -13,7 +13,7 @@ See the [Release Notes](https://github.com/dotnet/core/blob/master/release-notes
| | SDK Installer<sup>1</sup> | SDK Binaries<sup>1</sup> | Runtime Installer | Runtime Binaries | ASP.NET Core Runtime | Windows Desktop Runtime |
| --------- | :------------------------------------------: | :----------------------: | :---------------------------: | :-------------------------: | :-----------------: |:-----------------: |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| Windows | [x86][dotnet-sdk-win-x86.exe] \| [x64][dotnet-sdk-win-x64.exe] | [x86][dotnet-sdk-win-x86.zip] \| [x64][dotnet-sdk-win-x64.zip] \| [ARM][dotnet-sdk-win-arm.zip] | [x86][dotnet-runtime-win-x86.exe] \| [x64][dotnet-runtime-win-x64.exe] | [x86][dotnet-runtime-win-x86.zip] \| [x64][dotnet-runtime-win-x64.zip] \| [ARM][dotnet-runtime-win-arm.zip] | [x86][aspnetcore-runtime-win-x86.exe] \| [x64][aspnetcore-runtime-win-x64.exe] \| [ARM][aspnetcore-runtime-win-arm.zip] \|<br> [Hosting Bundle][dotnet-hosting-win.exe]<sup>2</sup> | [x86][windowsdesktop-runtime-win-x86.exe] \| [x64][windowsdesktop-runtime-win-x64.exe] |
| macOS | [x64][dotnet-sdk-osx-x64.pkg] | [x64][dotnet-sdk-osx-x64.tar.gz] | [x64][dotnet-runtime-osx-x64.pkg] | [x64][dotnet-runtime-osx-x64.tar.gz] | [x64][aspnetcore-runtime-osx-x64.tar.gz]<sup>1</sup> | - |
| Linux | [Snap Install][snap-install] | [x64][dotnet-sdk-linux-x64.tar.gz] \| [ARM][dotnet-sdk-linux-arm.tar.gz] \| [ARM64][dotnet-sdk-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-sdk-linux-musl-x64.tar.gz] | - | [x64][dotnet-runtime-linux-x64.tar.gz] \| [ARM][dotnet-runtime-linux-arm.tar.gz] \| [ARM64][dotnet-runtime-linux-arm64.tar.gz] \| [x64 Alpine][dotnet-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][dotnet-runtime-linux-musl-arm64.tar.gz] | [x64][aspnetcore-runtime-linux-x64.tar.gz]<sup>1</sup> \| [ARM][aspnetcore-runtime-linux-arm.tar.gz]<sup>1</sup> \| [ARM64][aspnetcore-runtime-linux-arm64.tar.gz]<sup>1</sup> \| [x64 Alpine][aspnetcore-runtime-linux-musl-x64.tar.gz] \| [ARM64 Alpine][aspnetcore-runtime-linux-musl-arm64.tar.gz] | - |
| RHEL6 | - | [x64][dotnet-sdk-rhel.6-x64.tar.gz] | - | [x64][dotnet-runtime-rhel.6-x64.tar.gz] | - |
@ -119,7 +119,7 @@ This will install the ASP.NET Core Module for IIS.
[checksums-sdk]: https://dotnetcli.blob.core.windows.net/dotnet/checksums/3.1.6-sha.txt
[linux-install]: https://docs.microsoft.com/dotnet/core/install/linux
[linux-setup]: https://docs.microsoft.com/en-us/dotnet/core/install/
[linux-setup]: https://docs.microsoft.com/dotnet/core/install/
[dotnet-blog]: https://devblogs.microsoft.com/dotnet/net-core-march-2020/

Some files were not shown because too many files have changed in this diff Show More