CVE-2024-0056 fixes

[garyhampson]

Hi friends,

Our InfoSec team has passed this vulnerability onto us and so I'm opening this here with you to see if this can be remediated as it relates to the dbatools.library module.

The library Microsoft.Data.SqlClient version 5.0.1 was detected in Dotnet library manager located at C:\Program Files\WindowsPowerShell\Modules\dbatools.library\2023.9.21\core\lib\mac\sqlpackage.deps.json and is vulnerable to CVE-2024-0056, which exists in versions >= 5.0.0, < 5.1.3.

The vulnerability was found in the Github Security Advisory with vendor severity: High.

The vulnerability can be remediated by updating the library to version 5.1.3 or higher, using dotnet add package Microsoft.Data.SqlClient.

I'm running the following versions:

2.1.8 dbatools PSGallery The community module that enables SQL Server Pro...
2023.9.21 dbatools.library PSGallery The library that powers dbatools, the community ...

Thanks!

Gary Hampson

[garyhampson]

#7 has been raised to remediate this. Please review as this would be my first PR and I don't want to do anything to mess things up.

[jpomfret]

@potatoqualitee - we can close this now as it was fixed with #7
(I don't have rights here to close - which is fine.. just so you know why I'm delegating to you 😄 )

[potatoqualitee]

ty 🙏🏼