As the title says, when upgrading to 24.11.0, i get vulnerability messages for System.Formats.Asn1. Will 9.0.0 work for 24.11.0
Could you please clarify what specific vulnerability messages you are encountering when upgrading to Aspose 24.11.0?
Which specific Aspose (.NET) APIs you are using, so we could evaluate the issue precisely and log appropriate tickets for different Aspose (.NET) libraries accordingly.
PDF, Cells, Words, Imaging, Slides
For Aspose.Cells, we already logged a ticket for it. We will evaluate the issue and vulnerability in details. We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.
Issue ID(s): CELLSNET-57254
You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.
For other APIs, e.g., Aspose.Words, Aspose.PDF, Aspose.Slides and Aspose.Imaging, my colleagues from respective teams will evaluate and get back to you soon.
Do you think it would be fine to use the System.Formats.Asn1 9.0.0 instead, so like will Aspose work with that if I install System.Formats.Asn1 9.0.0 separately?
Please spare us little time to evaluate the issue on our end first then we could comment on it. Generally using System.Formats.Asn1 version 9.0.0 with Aspose.Total for .NET 24.11.0 should work, but you may want to try it in unit testing on your end.
We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.
Issue ID(s): PDFNET-58682
You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.
@dmerkle1,
It looks like the warning message appears in the Error List in Visual Studio, but I don’t see the message when I use Aspose.Slides for .NET 24.11. Could you please confirm the issue for Aspose.Slides and provide more details on how to cause it to appear?
By the way, could you please give details about your Visual Studio version. I use Visual Studio 2022 (64-bit) - Current Version 17.9.6.
@dmerkle1 Could you please describe how to reproduce the problem? I use the same version of Visual Studio as @Denis.Sitko and do not see the mentioned warning on my side. If possible, could you please created a simple project that will allow us to reproduce the problem?
My bad, its only Aspose.Cells and Aspose.Pdf that seem to have the issue. They reference System.Security.Cryptography.Pkcs (8.0.0) and that references System.Formats.Asn1 (8.0.0).
image.png (23.9 KB)
image.png (12.9 KB)
My Visual Studio is 2022 17.12.1
Thank you for providing information about your Visual Studio version and the vulnerability in System.Security.Cryptography.Pkcs (8.0.0) that references System.Formats.Asn1 (8.0.0). Regarding Aspose.Cells, I have logged the details with your existing ticket “CELLSNET-57254” in our database. We will investigate the issue thoroughly, and once we have an update or figure it out, we will let you know.