Add support for .NET 8.0.10 and 8.0.11

[skisy]

What problem would the feature you're requesting solve? Please describe.

High severity security vulnerabilities exist in .NET 8.0.8, but the Windows Function App host does not contain 8.0.10 or 8.0.11 runtime. A month after 8.0.10 release, it is still not supported.

Describe the solution you'd like

.NET 8.0.10 runtime (as a minimum) is added to Function App host.

Describe alternatives you've considered

Using docker, dotnet-docker has support for 8.0.10. Should not be necessary as PaaS resources should be maintained correctly.

Additional context

[liliankasem]

This is a platform issue rather than a functions issue, we'll get this routed to the correct team.

[JAdluri]

Hello @skisy Thank you for reporting we will check and get back with proper documentation

[MarcisR]

Same issue here on linux Function App host, we were advised to create custom base image, which requires much effort form our side.
Can we see anywhere planned updates and releases for this type of upgrades ?

Thats a lot of CVEs not fixed:
.NET 8.0.12 release carries the security fixes:
Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-21173 | .NET Elevation of Privilege Vulnerability
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability

.NET 8.0.10 release carries the security fixes:
Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-43484 | .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability

[vsry]

We've also been advised to use containers.
It would be great to know what the rough schedule might be, are the platform team waiting for DotNet 8.1?
If I have to use containers I might as well use Kubernetes

[alexastall]

Can we get an update on this please. Thanks

[wraithking]

Dear Microsoft,

Could you please update the base images for Linux to include .NET version 8.0.11 as a minimum?
We are unable to run our code on version 8.0.8, and this is urgent for us.

[cgultunca]

Could you provide an update on this? Additionally, is there a confirmed release date?

Thanks

[fabiocav]

We have been actively working with the appropriate teams and the deployment is currently rolling out. We'll keep this updated as progress is made.

Thank you all for the patience.

[wraithking]

Thank you for your response. We will follow the updates and wait for news.
Do I understand correctly that someone from the appropriate team runs the command:
FROM mcr.microsoft.com/dotnet/sdk:8.0.12 AS build

creates a new image, and will soon push it as a base image to Azure, so we can start using it in production already?

I hope it will happen today or on Monday? :)