From 2e9b69c684ccc615e51793143c6ac4ed67e4e1e4 Mon Sep 17 00:00:00 2001
From: Genevieve Warren <24882762+gewarren@users.noreply.github.com>
Date: Wed, 11 Sep 2024 15:52:24 -0700
Subject: [PATCH 1/2] Update NotSupportedException for BinaryFormatter
 (de)serialize (#8992)

---
 .../BinaryFormatter.xml                                | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/xml/System.Runtime.Serialization.Formatters.Binary/BinaryFormatter.xml b/xml/System.Runtime.Serialization.Formatters.Binary/BinaryFormatter.xml
index 8715a93d6e8..5b2af593f91 100644
--- a/xml/System.Runtime.Serialization.Formatters.Binary/BinaryFormatter.xml
+++ b/xml/System.Runtime.Serialization.Formatters.Binary/BinaryFormatter.xml
@@ -72,7 +72,7 @@
   </Attributes>
   <Docs>
     <summary>Serializes and deserializes an object, or an entire graph of connected objects, in binary format.</summary>
-    <remarks>Warning: BinaryFormatter is insecure and can't be made secure. For more information, see the <see href="/dotnet/standard/serialization/binaryformatter-security-guide">BinaryFormatter security guide</see> and <see href="/previous-versions/dotnet/fundamentals/serialization/binary/system-runtime-serialization-formatters-binary-binaryformatter">System.Runtime.Serialization.Formatters.Binary.BinaryFormatter class</see>.</remarks>
+    <remarks>Warning: BinaryFormatter is insecure and can't be made secure. For more information, see the <see href="/dotnet/standard/serialization/binaryformatter-security-guide">BinaryFormatter security guide</see>. The in-box implementation of BinaryFormatter was removed in .NET 9. For more information, see <see href="/dotnet/standard/serialization/binaryformatter-migration-guide/">BinaryFormatter migration guide</see>.</remarks>
   </Docs>
   <Members>
     <MemberGroup MemberName=".ctor">
@@ -132,7 +132,6 @@ This constructor sets the properties of the <xref:System.Runtime.Serialization.F
 |-------------------|---------------|
 |<xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.SurrogateSelector%2A>|`null`|
 |<xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Context%2A>|A <xref:System.Runtime.Serialization.StreamingContext> with a value that indicates that serialized data can be transmitted to or received from any of the other contexts. (<xref:System.Runtime.Serialization.StreamingContextStates.All?displayProperty=nameWithType>)|
-
  ]]></format>
         </remarks>
       </Docs>
@@ -460,7 +459,8 @@ An error occurred while deserializing an object from the input stream.
 
 The <see langword="InnerException" /> property may contain more information about the root cause.</exception>
         <exception cref="T:System.Security.SecurityException">The caller does not have the required permission.</exception>
-        <exception cref="T:System.NotSupportedException">ASP.NET Core 5 and later: Always thrown unless <see cref="T:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter" /> functionality is re-enabled in the project file. For more information, see <see href="https://aka.ms/binaryformatter">Resolving BinaryFormatter obsoletion and disablement errors</see>.</exception>
+        <exception cref="T:System.NotSupportedException">ASP.NET Core 5-8: Always thrown unless <see cref="T:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter" /> functionality is re-enabled in the project file. For more information, see <see href="https://aka.ms/binaryformatter">Resolving BinaryFormatter obsoletion and disablement errors</see>.</exception>
+        <exception cref="T:System.PlatformNotSupportedException">.NET 9 and later versions: In all cases. For more information, see <see href="https://learn.microsoft.com/dotnet/standard/serialization/binaryformatter-migration-guide/">BinaryFormatter migration guide</see>.</exception>
       </Docs>
     </Member>
     <Member MemberName="Deserialize">
@@ -635,7 +635,6 @@ For deserialization to succeed, the current position in the stream must be at th
 
  ]]></format>
         </remarks>
-        <related type="Article" href="https://learn.microsoft.com/previous-versions/dotnet/netframework-4.0/5dxse167(v=vs.100)">Automatic Deserialization in .NET Framework Remoting</related>
       </Docs>
     </Member>
     <MemberGroup MemberName="Serialize">
@@ -730,7 +729,8 @@ For deserialization to succeed, the current position in the stream must be at th
  The <paramref name="graph" /> is null.</exception>
         <exception cref="T:System.Runtime.Serialization.SerializationException">An error has occurred during serialization, such as if an object in the <paramref name="graph" /> parameter is not marked as serializable.</exception>
         <exception cref="T:System.Security.SecurityException">The caller does not have the required permission.</exception>
-        <exception cref="T:System.NotSupportedException">ASP.NET Core 5 and later: Always thrown unless <see cref="T:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter" /> functionality is re-enabled in the project file. For more information, see <see href="https://aka.ms/binaryformatter">Resolving BinaryFormatter obsoletion and disablement errors</see>.</exception>
+        <exception cref="T:System.NotSupportedException">ASP.NET Core 5-8: Always thrown unless <see cref="T:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter" /> functionality is re-enabled in the project file. For more information, see <see href="https://aka.ms/binaryformatter">Resolving BinaryFormatter obsoletion and disablement errors</see>.</exception>
+        <exception cref="T:System.PlatformNotSupportedException">.NET 9 and later versions: In all cases. For more information, see <see href="https://learn.microsoft.com/dotnet/standard/serialization/binaryformatter-migration-guide/">BinaryFormatter migration guide</see>.</exception>
       </Docs>
     </Member>
     <Member MemberName="Serialize">

From d37511f83d2622336dfbea41cab1d04b06ae8e26 Mon Sep 17 00:00:00 2001
From: Radek Zikmund <32671551+rzikm@users.noreply.github.com>
Date: Thu, 12 Sep 2024 09:35:35 +0200
Subject: [PATCH 2/2] Mention gss-ntlmssp package for NTLM on Linux (#10359)

* Mention gss-ntlmssp package for NTLM on Linux

Closes https://github.com/dotnet/runtime/issues/101058

* Code review feedback

* Code review feedback

* Update NetworkCredential.xml
---
 xml/System.Net/NetworkCredential.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/xml/System.Net/NetworkCredential.xml b/xml/System.Net/NetworkCredential.xml
index 49c1fbb8843..872db3610c5 100644
--- a/xml/System.Net/NetworkCredential.xml
+++ b/xml/System.Net/NetworkCredential.xml
@@ -79,6 +79,11 @@
 ## Remarks
  The <xref:System.Net.NetworkCredential> class is a base class that supplies credentials in password-based authentication schemes such as basic, digest, NTLM, and Kerberos. Classes that implement the <xref:System.Net.ICredentials> interface, such as the <xref:System.Net.CredentialCache> class, return <xref:System.Net.NetworkCredential> objects.
 
+> [!NOTE]
+> On Unix platforms, use of NTLM authentication may require installing the NTLM plugin for the GSSAPI layer used by the implemention. On Ubuntu distributions, the package is called `gss-ntlmssp`. Alternatively, applications may opt in for a managed implementation of NTLM by setting the `_UseManagedNtlm` .csproj property (.NET 9+ only), or setting the `System.Net.Security.UseManagedNtlm` AppContext switch.
+>
+> On Windows, NTLM and Negotiate (Kerberos) authentication always depend on GSSAPI of the operating system.
+        
  This class does not support public key-based authentication methods such as Secure Sockets Layer (SSL) client authentication.