.NET February 2021 Updates – 5.0.3, 3.1.12, 2.1.25

Rahul Bhandari (MSFT)

February 9th, 20215 0

Today, we are releasing the .NET February 2021 Updates. These updates contains reliability and security improvements. See the individual release notes for details on updated packages.

You can download 5.0.3 , 3.1.12, 2.1.25 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.

Security

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial-of-service vulnerability exists when creating HTTPS web request during X509 certificate chain building.

CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux.

Improvements

Visual Studio

See release notes for Visual Studio compatibility for .NET Core 2.1 and .NET Core 3.1 and .NET 5.0.

OS Lifecycle update

Alpine 3.13 is now supported with the .NET 5.0.3 update. The operating system support page for .NET 5.0 has been updated to reflect that.

Rahul Bhandari (MSFT) Program Manager, .NET

Read next

5 comments

Discussion is closed. Login to edit/delete existing comments.

  • Max Mustermueller 0

    It would be really amazing if you could make .NET Framework updates to not require a reboot on every update, just like .NET 5/Core updates. This seems like a small issue but with Windows 10 forcing a reboot after some time, we having issues with machines meant to be 24/7 available.<

    • Adriana Solano 0

      Yes, I agree on this one. We are using ARM templates to deploy VMs and the need of a reboot over complicates the process. Would there be an ETA for this request?

  • VARADHA RAJAN K 0

    .net framework does not asked to reboot, so i thanks to the developer team

    ,

  • Jimmy Xie 0

    We can’t download symbol files for .net core 3.1.12 use the following command:
    dotnet symbol –symbols /usr/share/dotnet/shared/Microsoft.NETCore.App/3.1.12/libclrjit.so
    The server says HttpSymbolStore: 404 Not Found ‘http://msdl.microsoft.com/download/symbols/.debug%2Felf-buildid-sym-6dd9daba56b8e42ee0798d70e03043546ec01531%2F.debug’ .
    The above command works in 3.1.11.
    Is there any changes since 3.1.12?

  • Adriana Solano 0

    Will there by any VM images with .NET Framework 4.8 available?

Feedback usabilla icon