.NET February 2024 Updates – .NET 8.0.2, 7.0.16, .NET 6.0.27
source link: https://devblogs.microsoft.com/dotnet/february-2024-updates/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
.NET February 2024 Updates – .NET 8.0.2, 7.0.16, .NET 6.0.27
Rahul Bhandari (MSFT)
Today, we are releasing the .NET February 2024 Updates. These updates contain security and non-security improvements. Your app may be vulnerable if you have not deployed a recent .NET update.
You can download 8.0.2, 7.0.16 and, 6.0.27 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.
Windows Package Manager CLI (winget)
You can now install .NET updates using the Windows Package Manager CLI (winget):
- To install the .NET 8 runtime:
winget install dotnet-runtime-8
- To install the .NET 8 SDK:
winget install dotnet-sdk-8
- To update an existing installation:
winget upgrade
See Install with Windows Package Manager (winget) for more information.
Improvements
- ASP.NET Core: 8.0.2 | 7.0.16 | 6.0.27
- Entity Framework Core: 8.0.2
- Roslyn-Analysers: 8.0.2
- Runtime: 8.0.2 | 7.0.16 | 6.0.27
- SDK: 8.0.2
Security
CVE-2024-21386 – .NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET 6.0, ASP.NET 7.0 and, ASP.NET 8.0 . This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.
A vulnerability exists in ASP.NET applications using SignalR where a malicious client can result in a denial-of-service.
CVE-2024-21404- .NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial-of-service vulnerability exists in .NET with OpenSSL support when parsing X509 certificates.
Visual Studio
See release notes for Visual Studio compatibility for .NET 8.0, .NET 7.0 and, .NET 6.0.
Rahul Bhandari (MSFT) Program Manager, .NET
Follow
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK