maxmustermann/dotnet-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fix broken links (#2214)

Browse source
This commit is contained in:
John Korsnes 2019-01-09 17:13:04 +01:00 committed by Karel Zikmund
parent 877be50ed1
commit fe04ad9ed0
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
release-notes/2.2/2.2.1/2.2.1.md
View file

@ -51,7 +51,7 @@ The following OS versions have changed support status since our last release:
All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list. All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list.
* ### [CVE-2019-0545: .NET Core Information Disclosure Vulnerability](https://github.com/dotnet/Announcements/issues/XX) * ### [CVE-2019-0545: .NET Core Information Disclosure Vulnerability](https://github.com/dotnet/Announcements/issues/94)
The security update addresses the vulnerability by enforcing Cross-origin Resource Sharing (CORS) configuration to prevent its bypass in .NET Core 2.1 and 2.2. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application. The security update addresses the vulnerability by enforcing Cross-origin Resource Sharing (CORS) configuration to prevent its bypass in .NET Core 2.1 and 2.2. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application.
@ -61,7 +61,7 @@ All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list.
------------ | ------------------- | ------------------------- ------------ | ------------------- | -------------------------
System.Net.Http | 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4 | 4.3.5 System.Net.Http | 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4 | 4.3.5
* ### [CVE-2019-0548: ASP.NET Core Denial Of Service Vulnerability](https://github.com/dotnet/Announcements/issues/XX) * ### [CVE-2019-0548: ASP.NET Core Denial Of Service Vulnerability](https://github.com/aspnet/Announcements/issues/335)
This security vulnerability exists in ASP.NET Core 1.0, 1.1, 2.1 and 2.2. If an application is hosted on Internet Information Server (IIS) a remote unauthenticated attacker can use a specially crafted request to cause a Denial of Service. This security vulnerability exists in ASP.NET Core 1.0, 1.1, 2.1 and 2.2. If an application is hosted on Internet Information Server (IIS) a remote unauthenticated attacker can use a specially crafted request to cause a Denial of Service.
@ -71,7 +71,7 @@ All fixes of note can be seen in the [2.2.1 commits](2.2.1-commits.md) list.
------------ | ------------------- | ------------------------- ------------ | ------------------- | -------------------------
AspNetCoreModule (ANCM) | Prior to 12.2.18346.0 | >=12.2.18346.0 AspNetCoreModule (ANCM) | Prior to 12.2.18346.0 | >=12.2.18346.0
* ### [CVE-2019-0564: ASP.NET Core Denial Of Service Vulnerability](https://github.com/dotnet/Announcements/issues/XX) * ### [CVE-2019-0564: ASP.NET Core Denial Of Service Vulnerability](https://github.com/aspnet/Announcements/issues/334)
This security vulnerability exists when ASP.NET Core 2.1 and 2.2 improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. This security vulnerability exists when ASP.NET Core 2.1 and 2.2 improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.