Visual Studio detecting Venerability with SixLabours.ImageSharp dependencies #433

bhaveshvakil · 2024-03-26T18:18:50Z

Can someone upgrade this package?

As per author, they already fixed the issue but PdfSharpCore is still using old package.

Thanks

chrisg32 · 2024-04-08T15:42:14Z

@bhaveshvakil If you add package SixLabors.ImageSharp 2.1.7 the error will go away.

This should be closed with #429

hungphamcrl · 2024-04-18T15:13:10Z

will PdfSharpCore works with 2.1.8? version 2.1.7 is vulnerable now

chrisg32 · 2024-04-18T15:27:07Z

@hungphamcrl it should it you add the 2.1.8 package directly.

PR #435 will bump the minimum version to 2.1.8

TonyValenti · 2024-04-29T16:51:35Z

PR #427 contains that fix and preserves different versions for legacy builds of the library as well.

Grynet · 2024-05-13T15:04:01Z

It would be great if this could finally get some attention from the author.

As mentioned solution proposals have already been provided in the linked PR

jarrabito · 2024-05-24T13:34:19Z

Is there an ETA on this?

KBaileyMobilearth · 2024-12-02T19:16:59Z

2.1.8 is also flagged now.

kgamecarter · 2024-12-10T14:00:49Z

Now update to 2.1.9

Provide feedback