dotnet8 (8.0.102-8.0.2-0ubuntu2) noble; urgency=medium

  * No-change rebuild against libssl3t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Mon, 04 Mar 2024 17:42:12 +0000

dotnet8 (8.0.102-8.0.2-0ubuntu1) noble; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service
    - CVE-2024-21386: denial of service vector in SignalR server.
  * SECURITY UPDATE: denial of service
    - CVE-2024-21404: .NET with OpenSSL support is vulnerable to a denial of
      service when parsing X509 certificates.

 -- Ian Constantin <ian.constantin@canonical.com>  Thu, 08 Feb 2024 14:02:19 +0200

dotnet8 (8.0.101-8.0.1-0ubuntu2) noble; urgency=medium

  * Added new binary packages for debug symbols.
  * Moved RID-specific targeting packs to dotnet-sdk-8.0 binary package
    per Microsoft documentation. (LP: #2046458)

 -- Mateus Rodrigues de Morais <mateus.morais@canonical.com>  Wed, 17 Jan 2024 17:30:29 -0300

dotnet8 (8.0.101-8.0.1-0ubuntu1) noble; urgency=medium

  * New upstream release
  * SECURITY UPDATE: validation bypass
    - CVE-2024-0057: X509 Certificates - Validation Bypass across Azure
  * SECURITY UPDATE: denial of service
    - CVE-2024-21319: Azure Identity - Pre-Authentication DoS in JWT
  * debian/build-dotnet-tarball.sh: rename function print_err to print_error
  * debian/control: transition to libicu74
  * debian/tests: removed dotnet6-and-dotnet7-and-dotnet8-should-work-together

 -- Ian Constantin <ian.constantin@canonical.com>  Sat, 06 Jan 2024 18:28:44 +0200

dotnet8 (8.0.100-8.0.0-0ubuntu2) noble; urgency=medium

  * No-change rebuild for ICU soname change.

 -- Matthias Klose <doko@ubuntu.com>  Tue, 19 Dec 2023 11:05:39 +0100

dotnet8 (8.0.100-8.0.0-0ubuntu1) noble; urgency=medium

  * New upstream release
  * SECURITY UPDATE: security feature bypass
    - CVE-2023-36558: Security Feature Bypass in Blazor forms
  * SECURITY UPDATE: Arbitrary File Write and Deletion
    - CVE-2023-36049: Microsoft .NET FormatFtpCommand CRLF Injection
      Arbitrary File Write and Deletion
  * debian/patches/0001-Fix-source-built-runtime-version-number.patch: removed
    no longer needed patch.
 -- Ian Constantin <ian.constantin@canonical.com>  Mon, 13 Nov 2023 15:13:03 +0200

dotnet8 (8.0.100-8.0.0~rc2-0ubuntu2) noble; urgency=medium

  * d/p/0001-Fix-source-built-runtime-version-number.patch: Fix
    source-built runtime version number. (LP: #2040547)

 -- Mateus Rodrigues de Morais <mateus.morais@canonical.com>  Thu, 26 Oct 2023 08:52:11 -0300

dotnet8 (8.0.100-8.0.0~rc2-0ubuntu1) mantic-security; urgency=medium

  * New upstream release.
  * SECURITY UPDATE: denial of service
    - CVE-2023-44487: Denial of service - Kestrel server.
  * debian/tests/cli-metadata-should-be-correct: updated regex for the Host
    Runtime Version check.

  [ Mateus Rodrigues de Morais ]
  * debian/rules: removed uneeded sym link for
    $(DOTNET_TOP)/source-built-artifacts/Private.SourceBuilt.Prebuilts.*.tar.gz
  * debian/lintian: additional lintian overrides added.

 -- Ian Constantin <ian.constantin@canonical.com>  Wed, 18 Oct 2023 21:05:17 +0300

dotnet8 (8.0.100-8.0.0~rc1-0ubuntu1) mantic; urgency=medium

  * Initial release (LP: #2025261)

 -- Mateus Rodrigues de Morais <mateus.morais@canonical.com>  Thu, 05 Oct 2023 15:58:22 -0300
