Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vulnerability in System.Data.SqlClient package #267

Open
alexanddercrb opened this issue Jan 20, 2023 · 4 comments
Open

Vulnerability in System.Data.SqlClient package #267

alexanddercrb opened this issue Jan 20, 2023 · 4 comments

Comments

@alexanddercrb
Copy link

There is a vulnerability on this package, details here: https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-3110424
Maybe it can be updated to a newer version

@Cinchoo
Copy link
Owner

Cinchoo commented Apr 19, 2023

completed.

@jvmap
Copy link

jvmap commented Jun 6, 2024

There is a new vulnerability:
GHSA-98g6-xh36-x2p7

I wonder, why does the core ChoETL package even depend on System.Data.SqlClient? On first sight, this dependency would be more sensible as an optional extension.

@stevenrlp
Copy link

This is causing users who have upgraded to .NET 9 to not be able to build their solutions as Microsoft have changed the default NuGetAudit options. Maybe this should be addressed and as jvmap said maybe even added as an optional extension.

@Cinchoo
Copy link
Owner

Cinchoo commented Nov 24, 2024

upgraded sqlclient package, released v1.2.1.69.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants