arthg wrote:
Thanks for your help
I see there is an upgrade to Magick.NET 7.0.1.101 and associated NuGet package to resolve the security issue.Hi, I am intending to use Magick.NET 7.0.1.500 in my MVC application, this version covers the CVE 1-5 as well ?, all I have to do is add the required DLL's and the latest policy.xml file, will this be enough to cover the vulnerabilities mentioned above ? Where can I find the Policy.xml corresponding to this?
Are you planning to release a build and package that fixes version 6? We are using the NuGet package 6.8.9.601 (wraps 6.8.9.6)
We have not been able to upgrade to 7.x because there were some breaking changes in version 7, and 7 is currently beta status.
Thanks for your help