Red Hat Product Errata RHSA-2021:0788 - Security Advisory

Issued:: 2021-03-09
Updated:: 2021-03-09

RHSA-2021:0788 - Security Advisory

Overview
Updated Packages

Synopsis

Important: dotnet security and bugfix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for .NET Core 2.1 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core Runtime 2.1.26.

Security Fix(es):

dotnet: System.Text.Encodings.Web Remote Code Execution (CVE-2021-26701)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Fixes

BZ - 1933740 - CVE-2021-26701 dotnet: System.Text.Encodings.Web Remote Code Execution

CVEs

CVE-2021-26701

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
dotnet-2.1.522-1.el8_3.src.rpm	SHA-256: 353bdcda004424f687a0a46f5000d64d099903e9904604bd4027bf7574604ce0
x86_64
dotnet-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: e6064d341902f7459811a623cdb32f8ec95c60316dc753949bec08eb10172fe5
dotnet-debugsource-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 7aed07ae12ed968c35fef3139829dd3bf9330dd4d526f9819d193d66e2b659f4
dotnet-host-fxr-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 4d1bf6557e813cc0864ef80e4d3e74ae1d8ecf25ed9fc91cf10d4e6e5244b788
dotnet-host-fxr-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 19f989e489a9b8e8a3616e47bd26a9cbc0f7eead401bcfbad2db70453dfd936e
dotnet-runtime-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 954b10ad9fe7684bdf1bdd2d1e6f19596c07a377cf03943d35f5994d6b54754e
dotnet-runtime-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 96b6c4bfb1756fefeda25e33deea1d5892164ee6586ac52d55e66419c3e3ee94
dotnet-sdk-2.1-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 1bb599133418e855fe04ac3185f0d0077ccf5502d1ae2eaa4e2eca2ba733d14a
dotnet-sdk-2.1.5xx-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 44179c979f85fbb85f343ac1755850c35a0d0461651203763f433bae793e39b7
dotnet-sdk-2.1.5xx-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 379655462cadff97b0fd288fd9c77df1c79676427674083a892ade96faa9366f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM
dotnet-2.1.522-1.el8_3.src.rpm	SHA-256: 353bdcda004424f687a0a46f5000d64d099903e9904604bd4027bf7574604ce0
x86_64
dotnet-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: e6064d341902f7459811a623cdb32f8ec95c60316dc753949bec08eb10172fe5
dotnet-debugsource-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 7aed07ae12ed968c35fef3139829dd3bf9330dd4d526f9819d193d66e2b659f4
dotnet-host-fxr-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 4d1bf6557e813cc0864ef80e4d3e74ae1d8ecf25ed9fc91cf10d4e6e5244b788
dotnet-host-fxr-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 19f989e489a9b8e8a3616e47bd26a9cbc0f7eead401bcfbad2db70453dfd936e
dotnet-runtime-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 954b10ad9fe7684bdf1bdd2d1e6f19596c07a377cf03943d35f5994d6b54754e
dotnet-runtime-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 96b6c4bfb1756fefeda25e33deea1d5892164ee6586ac52d55e66419c3e3ee94
dotnet-sdk-2.1-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 1bb599133418e855fe04ac3185f0d0077ccf5502d1ae2eaa4e2eca2ba733d14a
dotnet-sdk-2.1.5xx-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 44179c979f85fbb85f343ac1755850c35a0d0461651203763f433bae793e39b7
dotnet-sdk-2.1.5xx-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 379655462cadff97b0fd288fd9c77df1c79676427674083a892ade96faa9366f

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
dotnet-2.1.522-1.el8_3.src.rpm	SHA-256: 353bdcda004424f687a0a46f5000d64d099903e9904604bd4027bf7574604ce0
x86_64
dotnet-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: e6064d341902f7459811a623cdb32f8ec95c60316dc753949bec08eb10172fe5
dotnet-debugsource-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 7aed07ae12ed968c35fef3139829dd3bf9330dd4d526f9819d193d66e2b659f4
dotnet-host-fxr-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 4d1bf6557e813cc0864ef80e4d3e74ae1d8ecf25ed9fc91cf10d4e6e5244b788
dotnet-host-fxr-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 19f989e489a9b8e8a3616e47bd26a9cbc0f7eead401bcfbad2db70453dfd936e
dotnet-runtime-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 954b10ad9fe7684bdf1bdd2d1e6f19596c07a377cf03943d35f5994d6b54754e
dotnet-runtime-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 96b6c4bfb1756fefeda25e33deea1d5892164ee6586ac52d55e66419c3e3ee94
dotnet-sdk-2.1-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 1bb599133418e855fe04ac3185f0d0077ccf5502d1ae2eaa4e2eca2ba733d14a
dotnet-sdk-2.1.5xx-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 44179c979f85fbb85f343ac1755850c35a0d0461651203763f433bae793e39b7
dotnet-sdk-2.1.5xx-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 379655462cadff97b0fd288fd9c77df1c79676427674083a892ade96faa9366f

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
dotnet-2.1.522-1.el8_3.src.rpm	SHA-256: 353bdcda004424f687a0a46f5000d64d099903e9904604bd4027bf7574604ce0
x86_64
dotnet-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: e6064d341902f7459811a623cdb32f8ec95c60316dc753949bec08eb10172fe5
dotnet-debugsource-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 7aed07ae12ed968c35fef3139829dd3bf9330dd4d526f9819d193d66e2b659f4
dotnet-host-fxr-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 4d1bf6557e813cc0864ef80e4d3e74ae1d8ecf25ed9fc91cf10d4e6e5244b788
dotnet-host-fxr-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 19f989e489a9b8e8a3616e47bd26a9cbc0f7eead401bcfbad2db70453dfd936e
dotnet-runtime-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 954b10ad9fe7684bdf1bdd2d1e6f19596c07a377cf03943d35f5994d6b54754e
dotnet-runtime-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 96b6c4bfb1756fefeda25e33deea1d5892164ee6586ac52d55e66419c3e3ee94
dotnet-sdk-2.1-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 1bb599133418e855fe04ac3185f0d0077ccf5502d1ae2eaa4e2eca2ba733d14a
dotnet-sdk-2.1.5xx-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 44179c979f85fbb85f343ac1755850c35a0d0461651203763f433bae793e39b7
dotnet-sdk-2.1.5xx-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 379655462cadff97b0fd288fd9c77df1c79676427674083a892ade96faa9366f

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

SRPM
dotnet-2.1.522-1.el8_3.src.rpm	SHA-256: 353bdcda004424f687a0a46f5000d64d099903e9904604bd4027bf7574604ce0
x86_64
dotnet-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: e6064d341902f7459811a623cdb32f8ec95c60316dc753949bec08eb10172fe5
dotnet-debugsource-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 7aed07ae12ed968c35fef3139829dd3bf9330dd4d526f9819d193d66e2b659f4
dotnet-host-fxr-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 4d1bf6557e813cc0864ef80e4d3e74ae1d8ecf25ed9fc91cf10d4e6e5244b788
dotnet-host-fxr-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 19f989e489a9b8e8a3616e47bd26a9cbc0f7eead401bcfbad2db70453dfd936e
dotnet-runtime-2.1-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 954b10ad9fe7684bdf1bdd2d1e6f19596c07a377cf03943d35f5994d6b54754e
dotnet-runtime-2.1-debuginfo-2.1.26-1.el8_3.x86_64.rpm	SHA-256: 96b6c4bfb1756fefeda25e33deea1d5892164ee6586ac52d55e66419c3e3ee94
dotnet-sdk-2.1-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 1bb599133418e855fe04ac3185f0d0077ccf5502d1ae2eaa4e2eca2ba733d14a
dotnet-sdk-2.1.5xx-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 44179c979f85fbb85f343ac1755850c35a0d0461651203763f433bae793e39b7
dotnet-sdk-2.1.5xx-debuginfo-2.1.522-1.el8_3.x86_64.rpm	SHA-256: 379655462cadff97b0fd288fd9c77df1c79676427674083a892ade96faa9366f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories