Microsoft has posted an open version of the .NET Core update. It covers .NET Core 1.0.12, .NET Core 1.1.9, .NET Core 2.0.9, and .NET Core 2.1.2.
Key changes in .NET Core
Microsoft focused on solving security problems. Fixed some vulnerabilities in ASP.NET Core. Fixed a bug when interrupting an incorrect request, allowing an attacker to implement a denial-of-service attack. In addition, the company has compiled a guide for developers, in whose products this vulnerability is present.
Fixed an error that allowed to produce an infinite number of authorization attempts. Vulnerability made the product unstable to brute force. Now the application will count the number of authentication attempts.
In ASP.NET Core, a bug in the processing of certificates has been fixed, which made it possible to present data with an expired term on demand.
Download is available at Microsoft website.
NET Core 2.1 came out in late May 2018, and Microsoft regularly updates this platform.