Update minimum SqlClient versions to avoid vulnerability
madelson opened this issue · 2 comments
madelson commented
Obviously app consumers can perform the update themselves since we just set a lower bound, but by updating we can be sure that we won't bring a bad version in transitively.
jinghua395 commented
Hi,
I would like to upvote this issue.
As I have tried to run this lib in Linux, and it crashed my app, as the current version Microsoft.Data.SqlClient 2.2.0 is not compatible with Linux.
madelson commented
@jinghua395 thanks for the feedback. The library specifies a lower bound so you can install a higher version of Microsoft.Data.SqlClient
in your app just by adding a package reference.
I wasn't aware that 2.2 didn't support Linux; do you know what version adds Linux support?
I'm reluctant to require version 5+ given this issue.