You can download 7.0.8 and 6.0.19 versions for Windows, macOS, and Linux, for x86, 圆4, Arm32, and Arm64.
This regression was unintentional and a fix is being offered for affected applications.Īlso documented at. Callers may non-deterministically observe a CryptographicException being thrown by the X509Certificate constructor on those runtimes. NET 6.0.18 and 7.0.7 may fail to import PKCS12 blobs whose private keys are protected by a null password. We learned from customer reports during the week of Jthat. We created a specific exception message with a link to a known issue KB to describe these behavioral changes. The NET 6.0.18 and 7.0.7 updates update added constraints to PFX certificate loading to fix a DoS vulnerability (CVE-2023-29331).
The regression is functional and doesn’t require action on your part unless you are affected by the issue. We have released a second update this month to address a regression in our earlier release (June 13th).
0 kommentar(er)
