Hi everyone,
We’ve just released NServiceBus.RavenDB 11.0.1, 10.1.1, 9.1.1, and 8.2.2.
Fixed bugs
- #1583 NServiceBus.RavenDB incompatible with RavenDB.Client 7.x (MissingMethodException)
Fixed CVEs
- #1575 GitHub Security Advisory ID (GHSA-w3x6-4m5h-cxqf)
- #1576 GitHub Security Advisory ID (GHSA-37gx-xxp4-5rgx)
How to know if you are affected
You are affected by #1583 if:
- You are using NServiceBus.RavenDB v10.x or v11.0.0 with RavenDB.Client 7.x
- You are using sagas
You are affected by #1575 and #1576 if you are using previous versions of this component, but that doesn’t necessarily mean you are vulnerable.
Symptoms
For #1583, MissingMethodExceptions are thrown when trying to load sagas.
For #1575 and #1576, transitive dependency warnings that mention NServiceBus packages are displayed at build time when projects have the NuGetAuditMode setting configured as all.
When to upgrade
You should upgrade immediately if you are affected. Otherwise, you should upgrade during your next maintenance window.
Where to get it
You can install the new versions of NServiceBus.RavenDB from NuGet.
Please read our release policy for more details.
With thanks,
The team in Particular