New
#1
@Brink
Think I'm gonna need a translation there...
Today, we are releasing the .NET February 2021 Updates. These updates contains reliability and security improvements. See the individual release notes for details on updated packages.
You can download 5.0.3 , 3.1.12, 2.1.25 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.
- Installers and binaries: 5.0.3 | 3.1.12 | 2.1.25
- Release notes: 5.0.3 | 3.1.12 | 2.1.25
- Container images
- Linux packages: 5.0.3 | 3.1.12 | 2.1.25
- Release feedback/issues
- Known issues: 5.0 | 3.1 | 2.1
Security
CVE-2021-1721: .NET Core Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial-of-service vulnerability exists when creating HTTPS web request during X509 certificate chain building.
CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux.
Improvements
- Runtime : 5.0.3 | 3.1.12
- ASP.NET Core : 5.0.3 | 3.1.12 | 2.1.25
- EntityFramework Core : 5.0.3
- CoreCLR: 3.1.12
- Winforms: 5.0.3 | 3.1.12
Visual Studio
See release notes for Visual Studio compatibility for .NET Core 2.1 and .NET Core 3.1 and .NET 5.0.
OS Lifecycle update
Alpine 3.13 is now supported with the .NET 5.0.3 update. The operating system support page for .NET 5.0 has been updated to reflect that.
Rahul Bhandari
Source: https://devblogs.microsoft.com/dotne...february-2021/