[QUESTION] Is it possible to fix the vulnerability for the v4 #2418
Labels
Comments
|
I have made a PR for this issue. Like I said on the PR my modification should stay on a new branch and should not be merged on master. |
|
+1 We also need this vulnerability fixed in v4, as we cannot upgrade to v5 due to #2307 We have tried the latest 5.0.18 which is supposed to resolve #2307 however this introduced a new issue "Maximum number of transactions reached" (this error has been seen before after a series of errors, but in 5.0.18 it's happening very quickly after startup of our application, no prior errors, and only a couple of db upserts). Rolling back to 5.0.17 removes the "Maximum number of transactions reached" problem, but does not resolve #2307 . Please help us! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi everyone,
I was wondering if it's conceivable to fix the critical vulnerability for the version 4 of LiteDB.
I understand it's not a big priority as the project is now on the v5 and the issue was already solve since the 5.0.13 but it could help people who don't want to migrate their database to v5.
If you think it's possible I could make a PR for it.
For me it's because I have my own migration tool to ensure that my database can be migrate (data view) up/down depending on my software version and it will be difficult to manage a new version of the LiteDB.
Regarding this usage. Is there some API to migrate (other than the upgrade=true on the connexion string) to migration to V5 and more interesting : migration from V5 to V4 ?
Thank you for your time and have a great day!
The text was updated successfully, but these errors were encountered: