Skip to content

Commit

Permalink
Update the System.Formats.Asn1 package for Az.CodeSigning module (#25665
Browse files Browse the repository at this point in the history 
)

* Update the System.Formats.Asn1 package

This fix addresses CVE-2024-38095

* update changelog.md
  • Loading branch information
@Jaxelr
Jaxelr authored Jul 28, 2024
1 parent 61507de commit 445805b
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions src/CodeSigning/CodeSigning/ChangeLog.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
-->
## Upcoming Release
* Added `Get-AzCodeSigningCertChain` cmdlet to retrieve the certificate chain for a certificate profile.
* Added System.Formats.Asn1 dependency to the module to address a security vulnerability.

## Version 0.1.2
* Updated signed 3rd party assembly Polly.dll to PSGallery
Expand Down
1 change: 1 addition & 0 deletions src/CodeSigning/CodeSigning/CodeSigning.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
<PackageReference Include="Polly" Version="7.2.4" />
<PackageReference Include="Azure.CodeSigning.Client.CryptoProvider" Version="0.1.16" />
<PackageReference Include="Azure.CodeSigning.Sdk" Version="0.1.106" />
<PackageReference Include="System.Formats.Asn1" Version="6.0.1" />
<PackageReference Include="System.Security.Cryptography.Pkcs" Version="6.0.3" />
</ItemGroup>

Expand Down

0 comments on commit 445805b

Please sign in to comment.