maxmustermann/dotnet-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fix broken links (#2214)

Browse source
This commit is contained in:
John Korsnes 2019-01-09 17:13:04 +01:00 committed by Karel Zikmund
parent 877be50ed1
commit fe04ad9ed0
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
release-notes/2.2/2.2.1/2.2.1.md
View file

@ -51,7 +51,7 @@ The following OS versions have changed support status since our last release:
All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list.
* ### [CVE-2019-0545: .NET Core Information Disclosure Vulnerability](https://github.com/dotnet/Announcements/issues/XX)
* ### [CVE-2019-0545: .NET Core Information Disclosure Vulnerability](https://github.com/dotnet/Announcements/issues/94)
The security update addresses the vulnerability by enforcing Cross-origin Resource Sharing (CORS) configuration to prevent its bypass in .NET Core 2.1 and 2.2. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application.
@ -61,7 +61,7 @@ All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list.
------------ | ------------------- | -------------------------
System.Net.Http | 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4 | 4.3.5
* ### [CVE-2019-0548: ASP.NET Core Denial Of Service Vulnerability](https://github.com/dotnet/Announcements/issues/XX)
* ### [CVE-2019-0548: ASP.NET Core Denial Of Service Vulnerability](https://github.com/aspnet/Announcements/issues/335)
This security vulnerability exists in ASP.NET Core 1.0, 1.1, 2.1 and 2.2. If an application is hosted on Internet Information Server (IIS) a remote unauthenticated attacker can use a specially crafted request to cause a Denial of Service.
@ -71,7 +71,7 @@ All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list.
------------ | ------------------- | -------------------------
AspNetCoreModule (ANCM) | Prior to 12.2.18346.0 | >=12.2.18346.0
* ### [CVE-2019-0564: ASP.NET Core Denial Of Service Vulnerability](https://github.com/dotnet/Announcements/issues/XX)
* ### [CVE-2019-0564: ASP.NET Core Denial Of Service Vulnerability](https://github.com/aspnet/Announcements/issues/334)
This security vulnerability exists when ASP.NET Core 2.1 and 2.2 improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.