maxmustermann/dotnet-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #4805 from dotnet/rbhanda-patch-1

Browse source 
Update 2.1.19.md
This commit is contained in:
Rahul Bhandari 2020-06-09 10:39:27 -07:00 committed by GitHub
commit 970f7cb4c0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
release-notes/2.1/2.1.19/2.1.19.md
View file

@ -64,7 +64,7 @@ Alpine 3.12 and Centos 8 have been added as [supported OS](../2.1-supported-os.m
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1108)
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the [Release Notes](https://github.com/dotnet/announcements/issues/156) for the latest version numbers and instructions for updating .NET Core.
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the [Release Notes](https://github.com/dotnet/announcements/issues/157) for the latest version numbers and instructions for updating .NET Core.
Microsoft is aware of a denial of service vulnerability which exists when .NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core web application. The vulnerability can be exploited remotely, without authentication. 

2
release-notes/3.1/3.1.5/3.1.5.md
View file

@ -62,7 +62,7 @@ Alpine 3.12 and Centos 8 has been added as [supported OS](../3.1-supported-os.md
### [CVE-2020-1108: .NET Core Denial of Service Vulnerability](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1108)
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the [Release Notes](https://github.com/dotnet/announcements/issues/156) for the latest version numbers and instructions for updating .NET Core.
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the [Release Notes](https://github.com/dotnet/announcements/issues/157) for the latest version numbers and instructions for updating .NET Core.
Microsoft is aware of a denial of service vulnerability which exists when .NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core web application. The vulnerability can be exploited remotely, without authentication.