What's Changed
- Better async handling of license validation; fixes #4612 by @jbogard in #4613
- More artifacts for builds (test results and SBOM) by @jbogard in #4615
- Update Microsoft.Sbom.DotNetTool to 4.1.5 by @jbogard in #4616
Security
Fixed an issue where certain cyclic or self-referential object graphs could trigger uncontrolled recursion during mapping, potentially resulting in stack exhaustion and denial of service.
Applications that process untrusted or attacker-controlled object graphs through affected mapping paths may be impacted.
Users should upgrade to this release.
Security advisory: GHSA-rvv3-g6hj-g44x
Thanks to @skdishansachin for responsibly disclosing this issue.
Full Changelog: v16.1.0...v16.1.1
Contributors
jbogard and skdishansachin