Sourced from MessagePack's releases.

2.5.301

Security release

This release fixes 2 high severity and 9 moderate severity security vulnerabilities as listed below.

This release is missing #​2269 from the v2.5.205 release. We recommend folks adopt the v2.5.302 release which has all the security fixes combined.

High severity advisory fixes

• 696b4a76 GHSA-vh6j-jc39-fggf Use iteration for skipping msgpack structures for CWE-674
• 3538bc11 GHSA-hv8m-jj95-wg3x Bound LZ4 input reads for CWE-125

Moderage severity advisory fixes

• 853429a0 GHSA-v72x-2h86-7f8m Guard LZ4 decompression length for CWE-409
• 826f17c7 GHSA-qhmf-xw27-6rqr Reject nested typeless blocklist bypass for CWE-502
• c98d31f2 GHSA-2f33-pr97-265q Default MVC input formatter to UntrustedData for CWE-1188
• ae90f2b1 GHSA-2x83-8g95-xh59 Limit untrusted ExpandoObject maps for CWE-407
• 940b8508 GHSA-wfr3-xj75-pfwh Guard dynamic union depth for CWE-674
• e01f07cf GHSA-w567-gjr2-hm5j Validate Unity blit lengths for CWE-789
• dc6f6324 GHSA-cxmj-83gh-fp49 Fix CWE-789 multidimensional array allocation validation
• e97f71e7 GHSA-q2h6-ghwm-5qm8 Use secure lookup comparer for CWE-407
• 7b12e5b5 GHSA-cj9g-3mj2-g8vv Guard JSON conversion depth for CWE-674
• a3c8a183 GHSA-cj9g-3mj2-g8vv Avoid JSON separator recursion for CWE-674
• 96743523 GHSA-cj9g-3mj2-g8vv Guard typeless JSON depth for CWE-674

Fixes with no security advisory

• 814bc4c1 Honor TypeFormatter options hooks for CWE-470
• b0f8c5e2 Fix WriteRawX methods to advance by written length
• 0124048c Fix CWE-190 map header length overflow

2.5.205

What's Changed

• Fix repo url by @​tomap in Fix repo url MessagePack-CSharp/MessagePack-CSharp#2065
• Update DynamicAssembly usage to honor different AssemblyLoadContext's by @​BertanAygun in Update DynamicAssembly usage to honor different AssemblyLoadContext's MessagePack-CSharp/MessagePack-CSharp#2183
• Add more types to the default disallow list of named types to be deserialized by @​AArnott in Add more types to the default disallow list of named types to be deserialized MessagePack-CSharp/MessagePack-CSharp#2263
• Add several known unsafe 'gadgets' to the disallow list by @​AArnott in Add several known unsafe 'gadgets' to the disallow list MessagePack-CSharp/MessagePack-CSharp#2269

New Contributors

• @​tomap made their first contribution in Fix repo url MessagePack-CSharp/MessagePack-CSharp#2065

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v2.5.192...v2.5.205

2.5.198

What's Changed

• Fix repo url by @​tomap in Fix repo url MessagePack-CSharp/MessagePack-CSharp#2065
• Update DynamicAssembly usage to honor different AssemblyLoadContext's by @​BertanAygun in Update DynamicAssembly usage to honor different AssemblyLoadContext's MessagePack-CSharp/MessagePack-CSharp#2183

New Contributors

• @​tomap made their first contribution in Fix repo url MessagePack-CSharp/MessagePack-CSharp#2065

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v2.5.192...v2.5.198

Commits viewable in compare view.

Sourced from Microsoft.AspNetCore.SignalR.Protocols.MessagePack's releases.

8.0.28

Release

What's Changed

• Update branding to 8.0.28 by @​vseanreesermsft in Update branding to 8.0.28 dotnet/aspnetcore#66589
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#66556
• [release/8.0] Update dependencies from dotnet/source-build-assets by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-assets dotnet/aspnetcore#66471
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#66344
• [release/8.0] Strip UTF-8 BOM from template localization files and remove version override by @​wtgodbe in [release/8.0] Strip UTF-8 BOM from template localization files and remove version override dotnet/aspnetcore#66427
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#66662

Full Changelog: dotnet/aspnetcore@v8.0.27...v8.0.28

8.0.27

Release

What's Changed

• [release/8.0] Update branding to 8.0.27 by @​vseanreesermsft in [release/8.0] Update branding to 8.0.27 dotnet/aspnetcore#66205
• [release/8.0] Update NPM dependencies by @​wtgodbe in [release/8.0] Update NPM dependencies dotnet/aspnetcore#66052
• [release/8.0] Move off of dead-lettered Windows preview helix queue by @​wtgodbe in [release/8.0] Move off of dead-lettered Windows preview helix queue dotnet/aspnetcore#66220
• [release/8.0] (deps): Bump src/submodules/googletest from 73a63ea to d72f9c8 by @​dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from 73a63ea to d72f9c8 dotnet/aspnetcore#66087
• [release/8.0] Replace dn-bot-dnceng-build-rw-code-rw PAT with WIF service connection in mirror-within-azdo by @​missymessa in [release/8.0] Replace dn-bot-dnceng-build-rw-code-rw PAT with WIF service connection in mirror-within-azdo dotnet/aspnetcore#66115
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#66216
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#66081
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#66131
• [release/8.0] Update @​azure/msal-browser from 2.x to 4.x by @​wtgodbe in [release/8.0] Update @azure/msal-browser from 2.x to 4.x dotnet/aspnetcore#66236
• [release/8.0] Use source-build-assets repo by @​NikolaMilosavljevic in [release/8.0] Use source-build-assets repo dotnet/aspnetcore#66276
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#66317

Full Changelog: dotnet/aspnetcore@v8.0.26...v8.0.27

8.0.26

Release

What's Changed

• [release/8.0] Update branding to 8.0.26 by @​vseanreesermsft in [release/8.0] Update branding to 8.0.26 dotnet/aspnetcore#65635
• [release/8.0] (deps): Bump src/submodules/googletest from 56efe39 to 73a63ea by @​dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from 56efe39 to 73a63ea dotnet/aspnetcore#65586
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#65581
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#65621
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#65615
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#65730

Full Changelog: dotnet/aspnetcore@v8.0.25...v8.0.26

8.0.25

Release

What's Changed

• Update branding to 8.0.25 by @​vseanreesermsft in Update branding to 8.0.25 dotnet/aspnetcore#65293
• [release/8.0] (deps): Bump src/submodules/googletest from 9156d4c to 56efe39 by @​dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from 9156d4c to 56efe39 dotnet/aspnetcore#65289
• [release/8.0] Add support for hotfix branding by @​mmitche in [release/8.0] Add support for hotfix branding dotnet/aspnetcore#65252
• [release/8.0] Remove package baseline infrastructure by @​Copilot in [release/8.0] Remove package baseline infrastructure dotnet/aspnetcore#65209
• [release/8.0] Set network isolation policy for aspnetcore-ci by @​github-actions[bot] in [release/8.0] Set network isolation policy for aspnetcore-ci dotnet/aspnetcore#65173
• [release/8.0] Fix URL format for JDK download on linux by @​github-actions[bot] in [release/8.0] Fix URL format for JDK download on linux dotnet/aspnetcore#65076
• [release/8.0] Disable parallel restore for Grpc JsonTranscoding by @​github-actions[bot] in [release/8.0] Disable parallel restore for Grpc JsonTranscoding dotnet/aspnetcore#65073
• [release/8.0] Update Ubuntu queue to 22.04 by @​github-actions[bot] in [release/8.0] Update Ubuntu queue to 22.04 dotnet/aspnetcore#65299
• [release/8.0] Re-enable Nuget Audit by @​wtgodbe in [release/8.0] Re-enable Nuget Audit dotnet/aspnetcore#65328
• [release/8.0] Don't use netcoreapp2.1 in dotnet-getdocument by @​wtgodbe in [release/8.0] Don't use netcoreapp2.1 in dotnet-getdocument dotnet/aspnetcore#65331
• [release/8.0] Update AzureIdentityVersion to 1.11.4 by @​wtgodbe in [release/8.0] Update AzureIdentityVersion to 1.11.4 dotnet/aspnetcore#65332
• [release/8.0] Disable parallel restore for linker tests by @​wtgodbe in [release/8.0] Disable parallel restore for linker tests dotnet/aspnetcore#65375
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#65382
• [release/8.0] Switch to non-preview 2022 queue by @​github-actions[bot] in [release/8.0] Switch to non-preview 2022 queue dotnet/aspnetcore#65413

Full Changelog: dotnet/aspnetcore@v8.0.24...v8.0.25

8.0.24

Release

8.0.23

Release

What's Changed

https://devblogs.microsoft.com/dotnet/dotnet-and-dotnet-framework-january-2026-servicing-updates/#release-changelogs

8.0.22

Release

What's Changed

• Update branding to 8.0.22 by @​vseanreesermsft in Update branding to 8.0.22 dotnet/aspnetcore#63949
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#63664
• [release/8.0] (http2): Lower WINDOWS_UPDATE received on (half)closed stream to stream abortion by @​DeagleGross in [release/8.0] (http2): Lower WINDOWS_UPDATE received on (half)closed stream to stream abortion dotnet/aspnetcore#63903
• [release/8.0] (deps): Bump src/submodules/googletest from eb2d85e to 9706f75 by @​dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from eb2d85e to 9706f75 dotnet/aspnetcore#63893
• [release/8.0] Fixed devtools url used for debug with chrome and edge by @​github-actions[bot] in [release/8.0] Fixed devtools url used for debug with chrome and edge dotnet/aspnetcore#62080
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#63665
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#63957
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#64035
• Mark productVersion.txt as shipping artifact in 8.0 by @​Copilot in Mark productVersion.txt as shipping artifact in 8.0 dotnet/aspnetcore#64067
• Revert log level severity for unknown proxy in ForwardedHeadersMiddleware by @​BrennanConroy in Revert log level severity for unknown proxy in ForwardedHeadersMiddleware dotnet/aspnetcore#64090

Full Changelog: dotnet/aspnetcore@v8.0.21...v8.0.22

8.0.21

Release

What's Changed

• Update branding to 8.0.21 by @​vseanreesermsft in Update branding to 8.0.21 dotnet/aspnetcore#63509
• [release/8.0] (deps): Bump src/submodules/googletest from 373af2e to eb2d85e by @​dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from 373af2e to eb2d85e dotnet/aspnetcore#63500
• [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @​github-actions[bot] in [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key dotnet/aspnetcore#63250
• [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @​github-actions[bot] in [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job dotnet/aspnetcore#63466
• [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @​github-actions[bot] in [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough dotnet/aspnetcore#63534
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#63261
• [release/8.0] Use wait assert in flaky tests by @​ilonatommy in [release/8.0] Use wait assert in flaky tests dotnet/aspnetcore#63565
• [release/8.0] Update Microsoft.Build versions by @​github-actions[bot] in [release/8.0] Update Microsoft.Build versions dotnet/aspnetcore#62507
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#63603
• backport(8.0): Fix runtime architecture detection logic in ANCM by @​DeagleGross in backport(8.0): Fix runtime architecture detection logic in ANCM dotnet/aspnetcore#63706

Full Changelog: dotnet/aspnetcore@v8.0.20...v8.0.21

8.0.20

Release

What's Changed

• Update branding to 8.0.20 by @​vseanreesermsft in Update branding to 8.0.20 dotnet/aspnetcore#63106
• [release/8.0] (deps): Bump src/submodules/googletest from c67de11 to 373af2e by @​dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from c67de11 to 373af2e dotnet/aspnetcore#63038
• [release/8.0] Dispose the certificate chain elements with the chain by @​MackinnonBuck in [release/8.0] Dispose the certificate chain elements with the chain dotnet/aspnetcore#62994
• [release/8.0] Update SignalR Redis tests to use internal Docker Hub mirror by @​github-actions[bot] in [release/8.0] Update SignalR Redis tests to use internal Docker Hub mirror dotnet/aspnetcore#63117
• [release/8.0] [SignalR] Don't throw for message headers in Java client by @​github-actions[bot] in [release/8.0] [SignalR] Don't throw for message headers in Java client dotnet/aspnetcore#62784
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#63152
• [release/8.0] Update dependencies from dotnet/extensions by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/extensions dotnet/aspnetcore#63188
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#63189

Full Changelog: dotnet/aspnetcore@v8.0.19...v8.0.20

8.0.18

Release

What's Changed

• Update branding to 8.0.18 by @​vseanreesermsft in Update branding to 8.0.18 dotnet/aspnetcore#62241
• [release/8.0] Update Alpine helix references by @​github-actions in [release/8.0] Update Alpine helix references dotnet/aspnetcore#62243
• [release/8.0] (deps): Bump src/submodules/googletest from 04ee1b4 to e9092b1 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 04ee1b4 to e9092b1 dotnet/aspnetcore#62201
• [8.0] Delete src/arcade directory by @​akoeplinger in [8.0] Delete src/arcade directory dotnet/aspnetcore#61994
• [Backport 8.0] [IIS] Manually parse exe bitness (#​61894) by @​BrennanConroy in [Backport 8.0] [IIS] Manually parse exe bitness (#61894) dotnet/aspnetcore#62037
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#62006
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#61944
• [release/8.0] Associate tagged keys with entries so replacements are not evicted by @​github-actions in [release/8.0] Associate tagged keys with entries so replacements are not evicted dotnet/aspnetcore#62247
• [release/8.0] Block test that is failing after switching to latest-chrome by @​github-actions in [release/8.0] Block test that is failing after switching to latest-chrome dotnet/aspnetcore#62284
• backport(net8.0): http.sys on-demand TLS client hello retrieval by @​DeagleGross in backport(net8.0): http.sys on-demand TLS client hello retrieval dotnet/aspnetcore#62290
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#62302

Full Changelog: dotnet/aspnetcore@v8.0.17...v8.0.18

8.0.17

Bug Fixes

• Forwarded Headers Middleware: Ignore X-Forwarded-Headers from Unknown Proxy (#​61623)
  The Forwarded Headers Middleware now ignores X-Forwarded-Headers sent from unknown proxies. This change improves security by ensuring that only trusted proxies can influence the forwarded headers, preventing potential spoofing or misrouting of requests.

Dependency Updates

• Update dependencies from dotnet/arcade (#​61832)
  This update brings in the latest changes from the dotnet/arcade repository, ensuring that ASP.NET Core benefits from recent improvements, bug fixes, and security patches in the shared build infrastructure.

• Bump src/submodules/googletest from 52204f7 to 04ee1b4 (#​61761)
  The GoogleTest submodule has been updated to a newer commit, providing the latest testing features, bug fixes, and performance improvements for the project's C++ test components.

Miscellaneous

• Update branding to 8.0.17 (#​61830)
  The project version branding has been updated to reflect the new 8.0.17 release, ensuring consistency across build outputs and documentation.

• Merging internal commits for release/8.0 (#​61924)
  This change merges various internal commits into the release/8.0 branch, incorporating minor fixes, documentation updates, and other non-user-facing improvements to keep the release branch up to date.

This summary is generated and may contain inaccuracies. For complete details, please review the linked pull requests.

Full Changelog: dotnet/aspnetcore@v8.0.16...v8.0.17

8.0.16

Release

What's Changed

• Update branding to 8.0.16 by @​vseanreesermsft in Update branding to 8.0.16 dotnet/aspnetcore#61283
• [release/8.0] (deps): Bump src/submodules/googletest from 24a9e94 to 52204f7 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 24a9e94 to 52204f7 dotnet/aspnetcore#61260
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#61281
• [release/8.0] Upgrade to Ubuntu 22 by @​wtgodbe in [release/8.0] Upgrade to Ubuntu 22 dotnet/aspnetcore#61216
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#60901
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#60926
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#61404
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#61398
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#61411
• Revert "Revert "[release/8.0] Update remnants of azureedge.net"" by @​wtgodbe in Revert "Revert "[release/8.0] Update remnants of azureedge.net"" dotnet/aspnetcore#60352
• [release/8.0] Fix preserving messages for stateful reconnect with backplane by @​BrennanConroy in [release/8.0] Fix preserving messages for stateful reconnect with backplane dotnet/aspnetcore#61375
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#61442
• fetch TLS client hello message from HTTP.SYS by @​BrennanConroy in fetch TLS client hello message from HTTP.SYS dotnet/aspnetcore#61494

Full Changelog: dotnet/aspnetcore@v8.0.15...v8.0.16

8.0.15

Release

What's Changed

• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#60355
• Update branding to 8.0.15 by @​vseanreesermsft in Update branding to 8.0.15 dotnet/aspnetcore#60784
• Add partitioned to cookie for SignalR browser testing by @​BrennanConroy in Add partitioned to cookie for SignalR browser testing dotnet/aspnetcore#60728
• [release/8.0] (deps): Bump src/submodules/googletest from e235eb3 to 24a9e94 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from e235eb3 to 24a9e94 dotnet/aspnetcore#60677
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#60879

Full Changelog: dotnet/aspnetcore@v8.0.14...v8.0.15

8.0.14

Release

What's Changed

• Update branding to 8.0.14 by @​vseanreesermsft in Update branding to 8.0.14 dotnet/aspnetcore#60197
• [release/8.0] (deps): Bump src/submodules/googletest from 7d76a23 to e235eb3 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 7d76a23 to e235eb3 dotnet/aspnetcore#60150
• [release/8.0] Fix java discovery in IdentityModel pipeline by @​wtgodbe in [release/8.0] Fix java discovery in IdentityModel pipeline dotnet/aspnetcore#60075
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#60199
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#59922
• [release/8.0] Readd DiagnosticSource to KestrelServerImpl by @​github-actions in [release/8.0] Readd DiagnosticSource to KestrelServerImpl dotnet/aspnetcore#60203
• [release/8.0] Update to MacOS 15 in Helix by @​github-actions in [release/8.0] Update to MacOS 15 in Helix dotnet/aspnetcore#60239
• [release/8.0] Use the latest available JDK by @​wtgodbe in [release/8.0] Use the latest available JDK dotnet/aspnetcore#60233
• [release/8.0] Fix skip condition for java tests by @​github-actions in [release/8.0] Fix skip condition for java tests dotnet/aspnetcore#60243
• [release/8.0] Update list of helix queues to skip by @​wtgodbe in [release/8.0] Update list of helix queues to skip dotnet/aspnetcore#60231
• [release/8.0] [Blazor] Allow cascading value subscribers to get added and removed during change notification by @​github-actions in [release/8.0] [Blazor] Allow cascading value subscribers to get added and removed during change notification dotnet/aspnetcore#57288
• [release/8.0] Update remnants of azureedge.net by @​sebastienros in [release/8.0] Update remnants of azureedge.net dotnet/aspnetcore#60264
• [release/8.0] Centralize on one docker container by @​wtgodbe in [release/8.0] Centralize on one docker container dotnet/aspnetcore#60299
• Revert "[release/8.0] Update remnants of azureedge.net" by @​wtgodbe in Revert "[release/8.0] Update remnants of azureedge.net" dotnet/aspnetcore#60324
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#60316

Full Changelog: dotnet/aspnetcore@v8.0.13...v8.0.14

8.0.13

Release

What's Changed

• [release/8.0] Update dotnetbuilds CDN to new endpoint by @​mmitche in [release/8.0] Update dotnetbuilds CDN to new endpoint dotnet/aspnetcore#59575
• Update branding to 8.0.13 by @​vseanreesermsft in Update branding to 8.0.13 dotnet/aspnetcore#59756
• [release/8.0] Skip MVC template tests on HelixQueueArmDebian12 by @​wtgodbe in [release/8.0] Skip MVC template tests on HelixQueueArmDebian12 dotnet/aspnetcore#59295
• [release/8.0] Update OSX helix queue by @​github-actions in [release/8.0] Update OSX helix queue dotnet/aspnetcore#59742
• [release/8.0] (deps): Bump src/submodules/googletest from d144031 to 7d76a23 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from d144031 to 7d76a23 dotnet/aspnetcore#59678
• [release/8.0] Skip tests on internal queues too by @​github-actions in [release/8.0] Skip tests on internal queues too dotnet/aspnetcore#59579
• [release/8.0] Fix Kestrel host header mismatch handling when port in Url by @​BrennanConroy in [release/8.0] Fix Kestrel host header mismatch handling when port in Url dotnet/aspnetcore#59403
• Migrate off of Debian 11 by @​v-firzha in Migrate off of Debian 11 dotnet/aspnetcore#59584
• [release/8.0] Pin to S.T.J 8.0.5 in Analyzers by @​wtgodbe in [release/8.0] Pin to S.T.J 8.0.5 in Analyzers dotnet/aspnetcore#59777
• [release/8.0] [Blazor WASM standalone] Avoid caching index.html during development by @​github-actions in [release/8.0] [Blazor WASM standalone] Avoid caching index.html during development dotnet/aspnetcore#59349
• Update to Fedora 41 by @​BrennanConroy in Update to Fedora 41 dotnet/aspnetcore#59817
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#59811
• [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#59825
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#59864
• [release/8.0] Fix/update docker tags by @​wtgodbe in [release/8.0] Fix/update docker tags dotnet/aspnetcore#59867
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#59872

Full Changelog: dotnet/aspnetcore@v8.0.12...v8.0.13

8.0.12

Release

What's Changed

• Update branding to 8.0.12 by @​vseanreesermsft in Update branding to 8.0.12 dotnet/aspnetcore#58800
• [release/8.0] (deps): Bump src/submodules/googletest from 6dae7eb to 1204d63 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 6dae7eb to 1204d63 dotnet/aspnetcore#58741
• Add scope for internal npm packages by @​BrennanConroy in Add scope for internal npm packages dotnet/aspnetcore#58512
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#58477
• [release/8.0] Upgrade serialize-javascript transient dependency by @​MackinnonBuck in [release/8.0] Upgrade serialize-javascript transient dependency dotnet/aspnetcore#58466
• [release/8.0] Update Messagepack dependency by @​wtgodbe in [release/8.0] Update Messagepack dependency dotnet/aspnetcore#58676
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#58898
• [release/8.0] Use MacOS-13 in CI by @​wtgodbe in [release/8.0] Use MacOS-13 in CI dotnet/aspnetcore#58549
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#59065
• [release/8.0] Fix java discovery in helix-matrix by @​wtgodbe in [release/8.0] Fix java discovery in helix-matrix dotnet/aspnetcore#59181
• [release/8.0] Update dependencies from dotnet/roslyn by @​wtgodbe in [release/8.0] Update dependencies from dotnet/roslyn dotnet/aspnetcore#59184
• [release/8.0] (deps): Bump src/submodules/googletest from 1204d63 to d144031 by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 1204d63 to d144031 dotnet/aspnetcore#59033

Full Changelog: dotnet/aspnetcore@v8.0.11...v8.0.12

8.0.11

Release

What's Changed

• Update branding to 8.0.11 by @​vseanreesermsft in Update branding to 8.0.11 dotnet/aspnetcore#58198
• [release/8.0] (deps): Bump src/submodules/googletest from ff233bd to 6dae7eb by @​dependabot in [release/8.0] (deps): Bump src/submodules/googletest from ff233bd to 6dae7eb dotnet/aspnetcore#58180
• [release/8.0] Add explicit conversion for value-type returning handlers with filters by @​captainsafia in [release/8.0] Add explicit conversion for value-type returning handlers with filters dotnet/aspnetcore#57966
• [release/8.0] Stop using Mac 11 in Helix by @​wtgodbe in [release/8.0] Stop using Mac 11 in Helix dotnet/aspnetcore#58063
• [release/8.0] Enable TSA/Policheck by @​github-actions in [release/8.0] Enable TSA/Policheck dotnet/aspnetcore#58124
• [release/8.0] (deps): Bump src/submodules/MessagePack-CSharp from ecc4e18 to 9511905 by @​dependabot in [release/8.0] (deps): Bump src/submodules/MessagePack-CSharp from ecc4e18 to 9511905 dotnet/aspnetcore#58179
• [Backport] Http.Sys: Clean up Request parsing errors by @​BrennanConroy in [Backport] Http.Sys: Clean up Request parsing errors dotnet/aspnetcore#57819
• [release/8.0] Update the Microsoft.Identity.Web versions used by project templates by @​halter73 in [release/8.0] Update the Microsoft.Identity.Web versions used by project templates dotnet/aspnetcore#58229
• Add registry search for upgrade policy keys, update dependencies from Arcade by @​dotnet-maestro in Add registry search for upgrade policy keys, update dependencies from Arcade dotnet/aspnetcore#58278
• Merging internal commits for release/8.0 by @​vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#58300
• [release/8.0] Remove ProviderKey from Hosting Bundle by @​github-actions in [release/8.0] Remove ProviderKey from Hosting Bundle dotnet/aspnetcore#58294
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#58352
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#58347
• [release/8.0] Improve dev-certs export error message by @​amcasey in [release/8.0] Improve dev-certs export error message dotnet/aspnetcore#58470
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#58474

Full Changelog: dotnet/aspnetcore@v8.0.10...v8.0.11

8.0.10

Release

Commits viewable in compare view.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.