Update SixLabors.ImageSharp to 2.1.8. CVE-2024-32036 #1317
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Awesome! I need this change for a vulnerability found by a static scan. |
|
LGTM |
|
Thanks @tonyqus, do you know how I can resolve the failing ubuntu check? |
Why do you fail the ubuntu check? I didn't get it. |
antony-liu
added a commit
to antony-liu/npoi
that referenced
this pull request
Apr 26, 2024
commit 815eb29 Merge: efb45c5 ff7fa87 Author: Tony Qu <tonyqus@gmail.com> Date: Fri Apr 26 22:37:31 2024 +0800 Merge pull request nissl-lab#1316 from antony-liu/poi/v3.16-patch3 Some patches ported from poi commit efb45c5 Merge: 5cb561d b48fe66 Author: Tony Qu <tonyqus@gmail.com> Date: Fri Apr 26 21:51:49 2024 +0800 Merge pull request nissl-lab#1284 from superrnovae/bmp_pictures Opening existing workbook with pictures, adding new ones and saving it should not throw an exception commit ff7fa87 Merge: cc1de9a 5cb561d Author: Antony Liu <sun_apollo@yeah.net> Date: Fri Apr 26 20:59:25 2024 +0800 Merge branch 'master' into poi/v3.16-patch3 commit 5cb561d Merge: e82fa27 c0378c6 Author: Tony Qu <tonyqus@gmail.com> Date: Thu Apr 25 02:05:43 2024 +0800 Merge pull request nissl-lab#1303 from Bykiev/FixCreateCellComment XLS - Fix adding cell comment commit e82fa27 Merge: 83106c2 989cb6b Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 24 19:43:02 2024 +0800 Merge branch 'master' of https://github.com/nissl-lab/npoi commit 83106c2 Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 24 19:42:35 2024 +0800 fix nissl-lab#1315 - rollback the change of dt2D and dtr property commit 989cb6b Merge: 7fd6e4c 9fe58ed Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 24 04:19:14 2024 +0800 Merge pull request nissl-lab#1281 from superrnovae/xssf_formula_results_format [Bug 67785] Make XSSFExcelExtractor output more like that from XSSFEventBasedExcelExtractor commit 7fd6e4c Merge: 976c1f5 7892c92 Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 24 03:58:13 2024 +0800 Merge pull request nissl-lab#1307 from Bykiev/DocVars Fix reading document variables commit 976c1f5 Merge: 3412b21 428a170 Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 24 03:55:07 2024 +0800 Merge pull request nissl-lab#1262 from jake-codes-at-5-am/removedatavalidation-to-upstream Add RemoveDataValidation method commit 3412b21 Merge: 4eb5d0e 7c65a61 Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 24 03:53:27 2024 +0800 Merge pull request nissl-lab#1314 from antony-liu/fix/github-issue-1070 Avoid NullReference exception when saving workbook with XML Map commit 4eb5d0e Merge: 9e6eef1 44de724 Author: Tony Qu <tonyqus@gmail.com> Date: Thu Apr 18 08:13:11 2024 +0800 Merge pull request nissl-lab#1317 from DontFretBrett/update-sixlabors-imagesharp-218 Update SixLabors.ImageSharp to 2.1.8. CVE-2024-32036 commit 44de724 Author: Brett Sanders <brett.sanders@lightstream.com> Date: Wed Apr 17 10:53:37 2024 -0700 Update SixLabors.ImageSharp to 2.1.8. CVE-2024-32036 commit 9e6eef1 Merge: 595ed45 6321d89 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 22:31:48 2024 +0800 Merge branch 'master' of https://github.com/nissl-lab/npoi commit 595ed45 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 22:31:38 2024 +0800 fix TestXWPFRun unit test commit 6321d89 Merge: a8a827f 1067d7f Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 09:05:17 2024 +0800 Merge pull request nissl-lab#1313 from Bykiev/SharpZipLib Update SharpZipLib to v1.4.2 commit a8a827f Merge: f0b0ea8 79dfd75 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 09:04:05 2024 +0800 Merge pull request nissl-lab#1283 from superrnovae/table_cellreferences [github-164] Fix Bug in XSSFTable.setCellReferences when table is single cell. commit f0b0ea8 Merge: 174fc67 16b283d Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 09:02:16 2024 +0800 Merge pull request nissl-lab#1309 from antony-liu/poi/v3.16-patch2 Patches about VBAMacroReader from poi commit 174fc67 Merge: d31d5d3 649c565 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 08:47:24 2024 +0800 Merge branch 'master' of https://github.com/nissl-lab/npoi commit d31d5d3 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 08:46:58 2024 +0800 adjust Word openxml serialization commit 990e862 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 08:45:20 2024 +0800 only add xml:space="preserve" when the value starts or ends with whitespace commit 590b7f7 Author: Tony Qu <tonyqus@gmail.com> Date: Tue Apr 16 08:42:58 2024 +0800 fix nissl-lab#1276 - remove docGrid init code in CT_SectPr constructor commit 7c65a61 Author: Antony Liu <sun_apollo@yeah.net> Date: Sat Apr 13 15:30:16 2024 +0800 Fix issue nissl-lab#1070, avoid NullReference exception when saving workbook with XML Map commit 1067d7f Author: ABykiev <bykiev.andrei@mail.ru> Date: Tue Apr 9 18:51:36 2024 +0300 Update SharpZipLib to v1.4.2 Closes nissl-lab#1149 commit 16b283d Merge: 8f43183 649c565 Author: Antony Liu <sun_apollo@yeah.net> Date: Fri Apr 5 09:58:46 2024 +0800 Merge branch 'master' into poi/v3.16-patch2 commit 649c565 Merge: 17041e5 7c89ee6 Author: Tony Qu <tonyqus@gmail.com> Date: Fri Apr 5 09:22:04 2024 +0800 Merge pull request nissl-lab#1306 from antony-liu/poi/v3.16-patch1 Some patches ported from poi commit 17041e5 Merge: 462f15f b89af43 Author: Tony Qu <tonyqus@gmail.com> Date: Wed Apr 3 07:35:01 2024 +0800 Merge pull request nissl-lab#1291 from jake-codes-at-5-am/fix-ct-formulacell-write CT_CellFormula.Write: fix writing the si attribute commit 7892c92 Author: ABykiev <bykiev.andrei@mail.ru> Date: Tue Apr 2 21:58:45 2024 +0300 Fix reading document variables Closes nissl-lab#1199 commit c0378c6 Author: ABykiev <bykiev.andrei@mail.ru> Date: Sun Mar 31 20:31:09 2024 +0300 XLS - Fix adding cell comment Closes nissl-lab#1240 commit 462f15f Author: Tony Qu <tonyqus@gmail.com> Date: Thu Mar 28 11:09:26 2024 +0800 Update FUNDING.yml commit 766e2c5 Author: Tony Qu <tonyqus@gmail.com> Date: Thu Mar 28 11:07:55 2024 +0800 Create FUNDING.yml commit 844391f Author: Tony Qu <772561+tonyqus@users.noreply.github.com> Date: Thu Mar 28 11:00:17 2024 +0800 Delete .github/FUNDING.yml commit b89af43 Author: Artem Koloskov <artem@ironsoftware.com> Date: Tue Mar 12 15:27:58 2024 +0700 upstream-fix: in `CT_CellFormula` ensure the `siField` is written into `fField`'s attributes on `Write` even when it has a default value for cases when the type of the formula is Shared formula. commit b48fe66 Author: suppernovae <vladislavp@pm.me> Date: Tue Mar 5 13:08:05 2024 +0100 Fix saving existing workbook with pictures after adding new ones commit 79dfd75 Author: suppernovae <vladislavp@pm.me> Date: Tue Mar 5 11:43:26 2024 +0100 [github-164] Fix Bug in XSSFTable.setCellReferences when table is single cell commit 9fe58ed Author: suppernovae <vladislavp@pm.me> Date: Tue Mar 5 10:48:34 2024 +0100 Revert "Use range operator instead of substring method" This reverts commit 5b838ba. commit 5b838ba Author: suppernovae <vladislavp@pm.me> Date: Tue Mar 5 10:41:42 2024 +0100 Use range operator instead of substring method commit e5e92af Author: suppernovae <vladislavp@pm.me> Date: Mon Mar 4 23:36:35 2024 +0100 Bug 67784: XSSFExcelExtractor does not format formula results like the streaming based extractor commit 428a170 Author: Artem Koloskov <artem@ironsoftware.com> Date: Fri Feb 9 11:31:06 2024 +0700 Upstream feature: change RemoveValidationData methods to RemoveDataValidation commit a39833e Author: Artem Koloskov <artem@ironsoftware.com> Date: Tue Nov 28 16:45:29 2023 +0700 Upstream feature: add tests for ISheet.RemoveValidationData method commit fefe574 Author: Artem Koloskov <artem@ironsoftware.com> Date: Tue Nov 28 16:44:37 2023 +0700 Upstream fix: fix CT_DataValidations.Write method. It was writing an empty dataValidations node if its dataValidation property was empty, which was breaking the resulting xlsx file commit 8e4b633 Author: Artem Koloskov <artem@ironsoftware.com> Date: Tue Nov 28 16:41:54 2023 +0700 Upstream feature: ass ISheet.RemoveValidationData method and implement it in HSSF, XSSF and SXSSF Sheets commit 73daa01 Author: Artem Koloskov <artem@ironsoftware.com> Date: Tue Nov 28 16:40:21 2023 +0700 Upstream feature: implement DataValidityTable.RemoveDataValidation method commit 01c9fa5 Author: Artem Koloskov <artem@ironsoftware.com> Date: Tue Nov 28 16:38:03 2023 +0700 Upstream feature: Implement CT_DataValidation and DVRecord Equals() method overrides.
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Update SixLabors.ImageSharp to 2.1.8 to address CVE-2024-32036