Merge pull request #458 from AzureAD/users/pushpakpatil/vulnerabilityFixes

Pushpakp53 · web-flow · commit de20930c34b3 · 2026-05-04T15:13:54.000+05:30
Updated package to resolve security vulnerability
diff --git a/src/AdoPat/AdoPat.csproj b/src/AdoPat/AdoPat.csproj
@@ -14,7 +14,7 @@
     <PackageReference Include="Microsoft.VisualStudio.Services.Client" Version="19.239.0-preview" />
     <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
     <!-- Transitive dependencies of Microsoft.VisualStudio.Services.Client temporarily pinned for security reasons. -->
-    <PackageReference Include="System.Formats.Asn1" Version="8.0.1" />
-    <PackageReference Include="System.Security.Cryptography.Xml" Version="8.0.2" />
+    <PackageReference Include="System.Formats.Asn1" Version="10.0.7" />
+    <PackageReference Include="System.Security.Cryptography.Xml" Version="10.0.7" />
   </ItemGroup>
 </Project>
diff --git a/src/AzureAuth/AzureAuth.csproj b/src/AzureAuth/AzureAuth.csproj
@@ -27,6 +27,7 @@
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="Microsoft.Office.Lasso" Version="2024.10.23.1" />
+    <PackageReference Include="OpenTelemetry.Api" Version="1.15.3" />
     <PackageReference Include="Tomlyn" Version="0.11.0" />
   </ItemGroup>
   <ItemGroup>
