We’ve just released NServiceBus 7.8.1 and 7.7.5.
- #6626 System.Security.Cryptography.Xml vulnerability (CVE-2022-34716)
You are affected if:
- You are using NServiceBus 7.7.x (7.7.4 or earlier) or 7.8.0 (other versions may be affected, but they are not supported)
- You do not explicitly reference
<PackageReference Include="System.Security.Cryptography.Xml" Version="4.7.1" />or later
For more information about the CVE-2022-34716 vulnerability consult the security advisory documentation.
You should upgrade immediately if you are affected.
You can install the new versions of NServiceBus from NuGet.
The team in Particular
Please read our release policy for more details.