Detections
Analytics

RHEL 7 : .NET Core on Red Hat Enterprise Linux (RHSA-2018:2167)

low Nessus Plugin ID 111031

Language:

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updates for rh-dotnet20-dotnet, rh-dotnet21-dotnet, rh-dotnetcore10-dotnetcore, and rh-dotnetcore11-dotnetcore are now available for .NET Core on Red Hat Enterprise Linux.

Red Hat Product Security has rated this update as having a security impact of Low.

.NET Core is a managed software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.12, 1.1.9, 2.0.9, and 2.1.2.

These versions correspond to the July 2018 security release by .NET Core upstream projects.

Security Fix(es) :

Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes.

For more information, please refer to the upstream docs :

* .NET Core 1.0.12: https://github.com/dotnet/core/issues/1768

* .NET Core 1.1.9: https://github.com/dotnet/core/issues/1767

* .NET Core 2.0.9: https://github.com/dotnet/core/issues/1766

* .NET Core 2.1.2: https://github.com/dotnet/core/issues/1765

Solution

Update the affected packages.

See Also

https://access.redhat.com/errata/RHSA-2018:2167

Plugin Details

Severity: Low

ID: 111031

File Name: redhat-RHSA-2018-2167.nasl

Version: 1.6

Type: local

Agent: unix

Published: 7/12/2018

Updated: 10/24/2019

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-curl, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-curl-debuginfo, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-dotnet, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-dotnet-debuginfo, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-dotnet-host, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-dotnet-runtime-2.0, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-dotnet-sdk-2.1, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-libcurl, p-cpe:/a:redhat:enterprise_linux:rh-dotnet20-libcurl-devel, p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet, p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-debuginfo, p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-host, p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-runtime-2.1, p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1, p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1.3xx, p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore10-dotnetcore, p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore10-dotnetcore-debuginfo, p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore11-dotnetcore, p-cpe:/a:redhat:enterprise_linux:rh-dotnetcore11-dotnetcore-debuginfo, cpe:/o:redhat:enterprise_linux:7

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 7/11/2018

Vulnerability Publication Date: 7/11/2018

Reference Information

RHSA: 2018:2167