🚀 SQL Server automation and instance migrations have never been safer, faster or freer
Update dbatools library to update RestSharp which had the previous CVE.
Full Changelog: https://github.com/dataplat/dbatools/compare/V2.1.13...v2.1.14
This is the official Andreas Jordan release 😅
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.12...V2.1.13
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.11...v2.1.12
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.10...v2.1.11
This update addresses two CVE's, one in Microsoft.Data.SqlClient and one in Azure.Identity. Thanks to @garyhampson for the update on dbatools.library https://github.com/dataplat/dbatools.library/pull/7
See this announcement from Microsoft for more details.
Essentially:
If you are using Microsoft.Data.SqlClient, anywhere (.NET Core, .NET 6/7/8, .NET Framework) and you are using a version that is vulnerable you must update your NuGet package reference to an updated version: 2.1.7, 3.1.5, 4.0.5, or 5.1.3
An updated version of Microsoft.Data.SqlClient, version 5.1.4, was also released that upgrades the Azure.Identity dependency version to 1.10.3 , which addresses CVE-2023-36414 in that library. (release notes) (download)
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.9...v2.1.10
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.8...v2.1.9
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.7...v2.1.8
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.6...v2.1.7
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.5...v2.1.6
Full Changelog: https://github.com/dataplat/dbatools/compare/v2.1.4...v2.1.5