.NET Compiler Platform ("Roslyn") Analyzers v2.9.10

Version Release Notes from July 14, 2020 (almost 4 years ago)

« Changelog History

.NET Compiler Platform ("Roslyn") Analyzers v2.9.10 Release Notes

Release Date: 2020-07-14 // almost 4 years ago

🚀 Release build of Roslyn-analyzers based on Microsoft.CodeAnalysis 2.9.0 NuGet packages. Works with VS 2017 15.9 or later.

🚀 Contains the following important changes on top of the v2.9.9 release.

🆕 New security rules to help find vulnerabilities related to DataSet and DataTable security guidance.

🐛 Bug fixes
- 📄 CA3075: Fix false positives with XmlDocument on .NET Framework 4.5.2 or later
➕ Added
- 🔒 Security
  - CA2350: Ensure DataTable.ReadXml()'s input is trusted
  - CA2351: Ensure DataSet.ReadXml()'s input is trusted
  - CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks
  - CA2353: Unsafe DataSet or DataTable in serializable type
  - CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks
  - CA2355: Unsafe DataSet or DataTable in deserialized object graph
  - CA2356: Unsafe DataSet or DataTable in web deserialized object graph

Awesome .NET is part of the LibHunt network. Terms. Privacy Policy.