no vulnerability free version for netstandard or netframework 4.7
ispysoftware opened this issue · 1 comments
ispysoftware commented
Prerequisites
- I have written a descriptive issue title
- I have verified that I am running the latest version of ImageSharp
- I have verified if the problem exist in both
DEBUGandRELEASEmode - I have searched open and closed issues to ensure it has not already been reported
ImageSharp version
3.1.3
Other ImageSharp packages and versions
2.1.6
Environment (Operating system, version and so on)
Windows 64
.NET Framework version
NetFramework 4.7.2
Description
We're stuck on imagesharp 2.1.6 as it's the last update that supports net framework 4.7.2 which our application uses for various windows specific reasons. Now that's been marked as vulnerable we have no upgrade path except to remove it or rewrite our entire application for net 6 which isn't an option because of various missing pieces. Are there any plans to patch the 2.x versions with the vulnerability fix and release a 2.1.7? Otherwise this is a show-stopper for net framework applications.
Steps to Reproduce
Use 2.1.6 - vulnerability flagged in nuget - can't update to 3.3 as net 6 only
Images
No response