.NET September 2022 Updates – .NET 6.0.9 and .NET Core 3.1.29

Dominique Whittaker

September 13th, 20225 2

Today, we are releasing the .NET September 2022 Updates. These updates contain security and non-security improvements. Your app may be vulnerable if you have not deployed a recent .NET update.

You can download 6.0.9 and 3.1.29 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.

Installers and binaries: 6.0.9 | 3.1.28
Release notes: 6.0.9 | 3.1.29
Container images
Linux packages: 6.0.9 | 3.1.29
Release feedback/issue
Known issues: 6.0 | 3.1

Improvements

ASP.NET Core: 6.0.9
EFcore: 6.0.9
Runtime: 6.0.9
Winforms: 6.0.9
Wpf: 6.0.9

Security

CVE 2022-38013: .NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A denial of service vulnerability exists in ASP.NET Core 3.1 and .NET 6.0 where a malicious client could cause a stack overflow which may result in a denial of service attack when an attacker sends a customized payload that is parsed during model binding.

Visual Studio

See release notes for Visual Studio compatibility for .NET 6.0 and .NET Core 3.1.

.NET Core 3.1 End of life

.NET Core 3.1 will reach end of life on December 13, 2022, as described in .NET Releases and per .NET Release Policies. After that time, .NET Core 3.1 patch updates will no longer be provided. We recommend that you move any .NET Core 3.1 applications and environments to .NET 6.0. It’ll be an easy upgrade in most cases. The .NET Releases page is the best place to look for release lifecycle information. Knowing key dates helps you make informed decisions about when to upgrade or make other changes to your software and computing environment.

Dominique Whittaker Senior Program Manager

5 comments

Mystery Man September 13, 2022 4:18 pm 0

Hello, Ms. Whittaker. Please double-check the first hyperlink in the article. It is broken.

Dominique Whittaker September 13, 2022 4:22 pm 0

Thank you for that – it’s updated! Hope you’re well 🙂

himanshu mange September 15, 2022 5:08 am 0

.NET Core 3.1 End of life ???

Wasn’t it supposed to be LTS ?

TAYLOR, MICHAEL September 15, 2022 9:38 am 1

As mentioned on the linked support page, lts means supported for 3 years from the time of release. 3.1 was released 3 dec 2019 so that makes eol 3 dec 2022.
- himanshu mange September 21, 2022 11:27 am 0
  
  Got it and lesson learnt. Thanks @Michael

Discussion is closed. Login to edit/delete existing comments.

Mystery Man September 13, 2022 4:18 pm 0

Hello, Ms. Whittaker. Please double-check the first hyperlink in the article. It is broken.
- Dominique Whittaker September 13, 2022 4:22 pm 0
  
  Thank you for that – it’s updated! Hope you’re well 🙂
himanshu mange September 15, 2022 5:08 am 0

.NET Core 3.1 End of life ???

Wasn’t it supposed to be LTS ?
- TAYLOR, MICHAEL September 15, 2022 9:38 am 1
  
  As mentioned on the linked support page, lts means supported for 3 years from the time of release. 3.1 was released 3 dec 2019 so that makes eol 3 dec 2022.
  - himanshu mange September 21, 2022 11:27 am 0
    
    Got it and lesson learnt. Thanks @Michael

.NET September 2022 Updates – .NET 6.0.9 and .NET Core 3.1.29

Improvements

Security

Visual Studio

.NET Core 3.1 End of life

Dominique Whittaker Senior Program Manager

5 comments

Languages

Popular Topics

Learn

Follow

.NET September 2022 Updates – .NET 6.0.9 and .NET Core 3.1.29

Improvements

Security

Visual Studio

.NET Core 3.1 End of life

Dominique Whittaker Senior Program Manager

Read next

5 comments