From 6a317fb5e62a5044790d45d47dfa3d5933515da1 Mon Sep 17 00:00:00 2001 From: Lee Coward Date: Tue, 12 Feb 2019 12:33:38 -0800 Subject: [PATCH] Update 1.0.14.md --- release-notes/1.0/1.0.14/1.0.14.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/release-notes/1.0/1.0.14/1.0.14.md b/release-notes/1.0/1.0.14/1.0.14.md index 4311fa95..e417da04 100644 --- a/release-notes/1.0/1.0.14/1.0.14.md +++ b/release-notes/1.0/1.0.14/1.0.14.md @@ -6,7 +6,7 @@ The .NET Core SDK 1.1.12 includes .NET Core 1.0.14 Runtime so downloading the runtime packages separately is not needed when installing the SDK. After installing the .NET Core SDK 1.1.12, running `dotnet --version` will show that you're running version `1.1.12` of the .NET Core tools. -Your feedback is important and appreciated. We've created an issue at [dotnet/core #XXXX](https://github.com/dotnet/core/issues/2304) for your questions and comments. +Your feedback is important and appreciated. We've created an issue at [dotnet/core #2304](https://github.com/dotnet/core/issues/2304) for your questions and comments. ## Docker Images @@ -26,7 +26,7 @@ See [.NET Core Supported OS Lifecycle Policy](https://github.com/dotnet/core/blo ## Notable Changes in 1.0.14 -* ### [CVE-2019-0657: .NET Core Domain Spoofing Vulnerability](https://github.com/dotnet/Announcements/issues/xxxx) +* ### [CVE-2019-0657: .NET Core Domain Spoofing Vulnerability](https://github.com/dotnet/announcements/issues/97) This update addresses a domain spoofing vulnerability in .NET Framework and .NET Core which causes the meaning of a URI to change when International Domain Name encoding is applied. An attacker who successfully exploited the vulnerability could redirect a URI.