Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2022-3602 OpenSSL security notice and MediaInfo.Core.Native dotnet c# package #45

Open
Dunge opened this issue Nov 3, 2022 · 0 comments
Open

CVE-2022-3602 OpenSSL security notice and MediaInfo.Core.Native dotnet c# package #45

Dunge opened this issue Nov 3, 2022 · 0 comments
Labels
wontfix

Comments

@Dunge
Copy link

Dunge commented Nov 3, 2022

There's a security advisory of an important OpenSSL vulnerability between version 3.0 and fixed in 3.7.

MediaInfo.Core.Native nuget end up including libssl-3-x64.dll version 3.1 in my application publish directory, so the file is flagged as affected by the security notice.

Any chance an updated nuget package can be published with the fixed OpenSSL release 3.7?
@yartat yartat added the wontfix label Apr 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yartat @Dunge