THIS RELEASE ADDRESSES TWO CVE'S
This update addresses two CVE's, one in Microsoft.Data.SqlClient and one in Azure.Identity. Thanks to @garyhampson for the update on dbatools.library dataplat/dbatools.library#7
See this announcement from Microsoft for more details.
Essentially:
If you are using Microsoft.Data.SqlClient, anywhere (.NET Core, .NET 6/7/8, .NET Framework) and you are using a version that is vulnerable you must update your NuGet package reference to an updated version: 2.1.7, 3.1.5, 4.0.5, or 5.1.3
An updated version of Microsoft.Data.SqlClient, version 5.1.4, was also released that upgrades the Azure.Identity dependency version to 1.10.3 , which addresses CVE-2023-36414 in that library. (release notes) (download)
What's Changed
- Added documentation for PR #6777 (Query Store Set and Get functions shouldn't try to get data from model) by @ReeceGoding in #9266
- Skip Failing Replication Tests by @potatoqualitee in #9268
- update dbatools library by @potatoqualitee in #9267
- Install-DbaMaintenanceSolution does not work inside a container by @david-garcia-garcia in #9252
New Contributors
- @david-garcia-garcia made their first contribution in #9252
Full Changelog: v2.1.9...v2.1.10