Skip to content

Merging internal commits for release/6.0#87493

Merged
carlossanlop merged 19 commits intodotnet:release/6.0from
vseanreesermsft:internal-merge-6.0-2023-06-13-1011
Jun 13, 2023
Merged

Merging internal commits for release/6.0#87493
carlossanlop merged 19 commits intodotnet:release/6.0from
vseanreesermsft:internal-merge-6.0-2023-06-13-1011

Conversation

@vseanreesermsft
Copy link

@vseanreesermsft vseanreesermsft commented Jun 13, 2023

No description provided.

dotnet-bot and others added 19 commits April 5, 2023 00:35
@dotnet-bot
Merge in 'release/6.0' changes
b559fd0
@dotnet-bot
Merge in 'release/6.0' changes
daf19ba
@dotnet-bot
Merge in 'release/6.0' changes
0573883
@ajcvickers
CVE-2023-24936: Check type is allowed when deserializing insatance ty…
19af94f 
…pes that implements INullable
Merged PR 30055: Check type is allowed when deserializing insatance t…
110c63b 
…ypes that implements INullable

CVE-2023-24936: Check type is allowed when deserializing instance types that implements INullable
@hoyosjs @carlossanlop
Updated MS.DiaSymReader.Native to 16.11.27-beta1.23180.1
3313fd2
@dotnet-bot
Merge in 'release/6.0' changes
b28d386
@dotnet-bot
Merge in 'release/6.0' changes
0c3e073
@dotnet-bot
Merge in 'release/6.0' changes
ea0418c
@dotnet-bot
Merge in 'release/6.0' changes
6e89d2b
@hoyosjs
Change loading sequence for Windows PDB parsing
b296722
@dotnet-bot
Merge in 'release/6.0' changes
bacc9fc
@dotnet-bot
Merge in 'release/6.0' changes
91d8935
@elinor-fung @carlossanlop
Merged PR 31144: [release/6.0] Add delay load hook for singlefilehost…
9fa9da7 
… and enable delay load of version.dll

`coreclr` delay loads `version.dll` and adds a hook such that it loads from the system directory. In single-file, we lost this behaviour since it uses static library version of `coreclr`. This adds the same mechanism to single-file.
@dotnet-bot
Merge in 'release/6.0' changes
e1d69eb
@hoyosjs
[release/6.0] Only use shipped version of symreader
01f26a7
@carlossanlop
Update some Windows server helix queues for mono
320aeb7
@krwq @jozkee
Merged PR 30724: [6.0] Apply iteration work limits to X509 certificat…
c76ac56 
…e loading

Block password-less PKCS12 blobs on X509 certificate loadings/imports and prevent AIA fetching of non-cert types.
@vseanreesermsft
Merge commit 'c76ac565499f3e7c657126d46c00b67a0d74832c' into internal…
0110059 
…-merge-6.0-2023-06-13-1011
@ghost ghost assigned vseanreesermsft Jun 13, 2023
@ghost ghost added the area-System.Security label Jun 13, 2023
@ghost
Copy link

ghost commented Jun 13, 2023

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

null

Author: vseanreesermsft
Assignees: vseanreesermsft
Labels:

area-System.Security
Milestone: -

carlossanlop
carlossanlop approved these changes Jun 13, 2023
View reviewed changes
Copy link
Contributor

@carlossanlop carlossanlop left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reminder to self: Need to reset the OOB packages that came from internal. Will do this in a separate PR that needs to be merged on code complete day next month.

@carlossanlop carlossanlop added Servicing-approved Approved for servicing release area-codeflow for labeling automated codeflow and removed area-System.Security labels Jun 13, 2023
@carlossanlop
Copy link
Contributor

carlossanlop commented Jun 13, 2023

The failure message is unrelated and expected:

src/installer/pkg/sfx/Microsoft.NETCore.App/Microsoft.NETCore.App.Runtime.sfxproj(0,0): error NU1603: (NETCORE_ENGINEERING_TELEMETRY=Restore) Microsoft.NETCore.App.Runtime.osx-x64 depends on Microsoft.DiaSymReader.Native (>= 16.11.27-beta1.23180.1) but Microsoft.DiaSymReader.Native 16.11.27-beta1.23180.1 was not found. An approximate best match of Microsoft.DiaSymReader.Native 17.0.0-beta1.21524.1 was resolved.

It will go away as soon as the new Microsoft.DiaSymReader.Native version is pushed to nuget.

@carlossanlop carlossanlop merged commit 779d886 into dotnet:release/6.0 Jun 13, 2023
@ghost ghost locked as resolved and limited conversation to collaborators Jul 14, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@carlossanlop carlossanlop carlossanlop approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@vseanreesermsft vseanreesermsft

Labels

area-codeflow for labeling automated codeflow Servicing-approved Approved for servicing release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@vseanreesermsft @carlossanlop @dotnet-bot @ajcvickers @hoyosjs @elinor-fung @krwq