Skip to content

Releases: Ken-Tucker/AstronomyPictureOfTheDay

V3

25 Dec 01:20
@vb2ae vb2ae
V3
d3d890b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V3 Latest
Latest

Updated how version numbers are created
Added the ability to use the HttpClientFactory
Now supports.net 8, .net 9, and .net standard 2
New samples

Added digital signature.
Added software bill of materials to. Nuget package (sboms)

Assets 2
Loading
0 Join discussion

V1.1

25 Jun 19:50
@vb2ae vb2ae
V1.1
a615132
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V1.1

Fixes security issue. Remove support for .net 5 and add support for .net 6

Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of StackOverFlow exception (SOE) whenever nested expressions are being processed. Exploiting this vulnerability results in Denial Of Service (DoS), and it is exploitable when an attacker sends 5 requests that cause SOE in time frame of 5 minutes. This vulnerability affects Internet Information Services (IIS) Applications.

References
JamesNK/Newtonsoft.Json#2457
JamesNK/Newtonsoft.Json#2462
JamesNK/Newtonsoft.Json@7e77bbe
https://alephsecurity.com/2018/10/22/StackOverflowException/
https://alephsecurity.com/vulns/aleph-2018004
https://security.snyk.io/vuln/SNYK-DOTNET-NEWTONSOFTJSON-2774678

Assets 3
Loading