Hi, in my application I'm using package Volo.Abp.Account.Pro.Public.Application/8.1.3 and this package have dependency "Volo.Abp.Imaging.ImageSharp": "8.1.3", and if I check the dependency of Volo.Abp.Imaging.ImageSharp": "8.1.3, it consist "SixLabors.ImageSharp": "3.0.2", (sharing screenshot for reference). SixLabors.ImageSharp's 3.0.2 version is vulnerable which is why it is not allowed to deploy in my organization. Could you please upgrade this with latest stable version. ABP Framework version: v8.1.1
UI Type:React
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): yes
Exception message and full stack trace:NA
Steps to reproduce the issue: NA
4 Answer(s)
-
0
hi
. Could you please upgrade this with latest stable version.
No problem. Thanks for your feedback
We have upgraded this package in 8.3
-
0
hi
. Could you please upgrade this with latest stable version.
No problem. Thanks for your feedback
We have upgraded this package in 8.3
Hi, thank you for your quick response, how soon it will be updated? I'm not able to deploy my application due to this.
-
0
hi
You can add
SixLaborspackages to your projects that useVolo.Abp.Account.Pro.Public.Application/8.1.3<PackageVersion Include="SixLabors.ImageSharp" Version="3.1.4" /> <PackageVersion Include="SixLabors.ImageSharp.Drawing" Version="2.0.1" /> -
0
SixLabors.ImageSharp.Drawing
sure, thank you.
