diff options
author | Rahul Bhandari <rbhanda@microsoft.com> | 2021-05-11 21:00:10 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-05-11 21:00:10 +0300 |
commit | 35d4533cb92ef43d42a7d5697e5ee72f484290c3 (patch) | |
tree | cb9d0719b12329586a84b1416d152bf00bf14057 | |
parent | 5288ba0b68b9e692906a8904deee723ce5c800ef (diff) | |
parent | eb85bbf6eac5d33ab8660d03cfc9c79bf30da12f (diff) |
Update 5.0.6.md
-rw-r--r-- | release-notes/3.1/3.1.15/3.1.15.md | 13 | ||||
-rw-r--r-- | release-notes/5.0/5.0.6/5.0.6.md | 14 |
2 files changed, 14 insertions, 13 deletions
diff --git a/release-notes/3.1/3.1.15/3.1.15.md b/release-notes/3.1/3.1.15/3.1.15.md index f7d71ded..37b077cf 100644 --- a/release-notes/3.1/3.1.15/3.1.15.md +++ b/release-notes/3.1/3.1.15/3.1.15.md @@ -58,12 +58,6 @@ The following repos have been updated. .NET Core 3.1.15 release carries both security and non-security fixes. -# Microsoft Security Advisory CVE-2021-31204 | .NET Core Elevation of Privilege Vulnerability - -Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. - -An elevation of privilage vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on Operating Systems based on Linux or macOS. - * [Blog Roundup][dotnet-blog] * [Known issues](../3.1-known-issues.md) @@ -73,6 +67,13 @@ An elevation of privilage vulnerability exists in .NET 5.0 and .NET Core 3.1 whe * [ASP.NET](https://github.com/dotnet/aspnetcore/pulls?q=milestone%3A3.1.15+is%3Aclosed+label%3Aservicing-approved) * [Extensions](https://github.com/dotnet/extensions/pulls?q=milestone%3A3.1.15+is%3Aclosed+label%3Aservicing-approved) + +### Microsoft Security Advisory CVE-2021-31204 | .NET Core Elevation of Privilege Vulnerability + +Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. + +An elevation of privilage vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on Operating Systems based on Linux or macOS. + ## macOS Notarization Change Running "dotnet build" will generate a dll instead of a dylib on macOS. This is a planned change to not use the AppHost by default on macOS because of [notarization requirements](https://docs.microsoft.com/dotnet/core/install/macos-notarization-issues). If you want to opt into using the AppHost, add the following to your project file: ``` diff --git a/release-notes/5.0/5.0.6/5.0.6.md b/release-notes/5.0/5.0.6/5.0.6.md index 742c0412..299ffa6f 100644 --- a/release-notes/5.0/5.0.6/5.0.6.md +++ b/release-notes/5.0/5.0.6/5.0.6.md @@ -53,24 +53,24 @@ You need [Visual Studio 16.8](https://visualstudio.microsoft.com) or later to us ## Notable Changes .NET 5.0.6 release carries both security and non-security fixes. -# Microsoft Security Advisory CVE-2021-31204 | .NET Core Elevation of Privilege Vulnerability - -Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. - -An elevation of privilage vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on Operating Systems based on Linux or macOS. - * [Blog Roundup][dotnet-blog] * [Known issues](../5.0-known-issues.md) * Resolves [NuGet package restore broken on .NET 5+ with Removal of Trust of Verisign CA](https://github.com/dotnet/announcements/issues/180) * .NET SDK 5.0.202 includes fixes to the runtime and Windows SDK projections with C#/WinRT v1.2.2, including several memory leak fixes. These fixes are for developers targeting a specific Windows SDK version in their project's `TargetFramework`. Refer to the C#/WinRT v1.2.2 [release notes](https://github.com/microsoft/CsWinRT/releases/tag/1.2.2.210413.1) for more details. - Release feature and bug lists:. * [Runtime](https://github.com/dotnet/runtime/issues?q=milestone%3A5.0.6+is%3Aclosed+label%3Aservicing-approved) * [ASP.NET Core](https://github.com/dotnet/aspnetcore/issues?q=milestone%3A5.0.6+is%3Aclosed+label%3Aservicing-approved) * [Winforms](https://github.com/dotnet/winforms/issues?q=milestone%3A5.0.6+is%3Aclosed+label%3Aservicing-approved) +### Microsoft Security Advisory CVE-2021-31204 | .NET Core Elevation of Privilege Vulnerability + +Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. + +An elevation of privilage vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on Operating Systems based on Linux or macOS. + + ## Feedback |