1. 15 Jan, 2020 5 commits
    • R
      Merge pull request #2429 from dotnet/revertAndCorrectMerge30 · 397edff3
      Rob LaDuca committed on
      Fixing Microsoft Security Advisory CVE-2020-0606 : .NET Core Remote Code Execution Vulnerability (3.0 Merge Fix)
      
      Loose xaml can contain executable payload e.g. `ObjectDataProvider`. This Xaml can be included as part of `XpsDocument`s or base-64 encoded and then included in `StickyNote`s' annotation xml files.
      
      In WPF, we were allowing `XpsDocument`s and `StickyNote`s' annotation xml files to be loaded freely via `XamlReader.Load`.
      
      This exposes an attack vector - when a user downloads an XPS file from the internet for *viewing*, they could end up executing untrusted code.
      
      The fix is to identify known dangerous types and limit them from being deserialized during XAML loading.
      
      In order to accomplish this, we add new _non-public_ overloads to the `XamlReader.Load` method to enable the use of `RestrictiveXamlXmlReader`. `RestrictiveXamlXmlReader` restricts known dangerous types from being loaded while deserializing xaml.
      
      We then call `XamlReader.Load` via `XamlReaderProxy`, which is an adapter for `XamlReader` type and uses reflection to access `XamlReader.Load`. Reflection is used to avoid adding additional public surface area to `XamlReader` in servicing.
      
      Small changes are made to `TextRange` as well since the call-site for the `StickyNote`s case was through a call to `TextRange` which in turn calls into `XamlReader.Load`.
      397edff3
    • R
      34442c01
    • R
      Revert "Merge pull request #2426 from dotnet/dev/arpit/release30_1b" · 9e12374c
      Robert LaDuca committed on
      This reverts commit 20e3a966, reversing
      changes made to 6f48cffd.
      9e12374c
    • A
      Merge pull request #2426 from dotnet/dev/arpit/release30_1b · 20e3a966
      Arpit Dev Mathur committed on
      Description
      
      Loose xaml can contain executable payload e.g. ObjectDataProvider. This Xaml can be included as part of XpsDocuments or base-64 encoded and then included in StickyNotes' annotation xml files.
      
      In WPF, we were allowing XpsDocuments and StickyNotes' annotation xml files to be loaded freely via XamlReader.Load. 
      
      This exposes an attack vector - when a user downloads an XPS file from the internet for viewing, they could end up executing untrusted code. 
      
      The fix is to identify known dangerous types and limit them from being deserialized during XAML loading. 
      
      In order to accomplish this, we add new non-public overloads to the XamlReader.Load method to enable the use of RestrictiveXamlXmlReader. RestrictiveXamlXmlReader restricts known dangerous types from being loaded while deserializing xaml. 
      
      We then call XamlReader.Load via XamlReaderProxy, which is an adapter for XamlReader type and uses reflection to access XamlReader.Load. Reflection is used to avoid adding additional public surface area to XamlReader in servicing. 
      
      Small changes are made to TextRange as well since the call-site for the StickyNotes case was through a call to TextRange which in turn calls into XamlReader.Load. 
      
      Customer Impact
      
      Customers would be protected from opening potentially-compromised XPS documents and stickynotes annotation xml files.
      
      Regression
      
      No. This security issue was reported by an external party.
      
      Risk - Low
      - This change only affects loading XPS documents and loading stickynotes annotation data.
      - The change has been tested well internally.
      - We ran regression tests to ensure nothing else is inadvertently broken.
      - Validated against POC to ensure that the fix works as intended.
      
      In .NET Framework, we are introducing a quirk to give developers/customers the option of going back to the old (i.e., unsecure) behavior where deserializing dangerous types like ObjectDataProvider will be allowed. In .NET Core, no quirks are being provided - we do not believe that this is a scenario that should be supported for compatibility in a relatively new platform.
      20e3a966
    • D
      Merge in 'release/3.0' changes · 867a5241
      dotnet-bot committed on
      867a5241
  2. 02 Dec, 2019 2 commits
  3. 28 Nov, 2019 6 commits
  4. 23 Nov, 2019 2 commits
    • D
      Update dependencies from https://github.com/dotnet/arcade build 20191122.3 (#2232) · 906bf50a
      dotnet-maestro[bot] committed on
      - Microsoft.DotNet.ApiCompat - 1.0.0-beta.19572.3
      - Microsoft.DotNet.Arcade.Sdk - 1.0.0-beta.19572.3
      - Microsoft.DotNet.CodeAnalysis - 1.0.0-beta.19572.3
      - Microsoft.DotNet.GenAPI - 1.0.0-beta.19572.3
      - Microsoft.DotNet.Helix.Sdk - 2.0.0-beta.19572.3
      906bf50a
    • D
      [release/3.0] Update dependencies from dotnet/arcade (#1955) · c3da7c10
      dotnet-maestro[bot] committed on
      * Update dependencies from https://github.com/dotnet/arcade build 20190924.3
      
      - Microsoft.DotNet.ApiCompat - 1.0.0-beta.19474.3
      - Microsoft.DotNet.Arcade.Sdk - 1.0.0-beta.19474.3
      - Microsoft.DotNet.CodeAnalysis - 1.0.0-beta.19474.3
      - Microsoft.DotNet.GenAPI - 1.0.0-beta.19474.3
      - Microsoft.DotNet.Helix.Sdk - 2.0.0-beta.19474.3
      
      * Update Nuget.config
      
      * Remove Versions.props restore sources
      
      * Attempt to remove dotnet-core, add dotnet3 and dotnet3-transport
      
      * Fix feed urls
      
      * Update NuGet.config
      
      * Update dependencies
      
      * Update test package version
      
      * Update dependencies from https://github.com/dotnet/arcade build 20191119.2
      
      - Microsoft.DotNet.ApiCompat - 1.0.0-beta.19569.2
      - Microsoft.DotNet.Arcade.Sdk - 1.0.0-beta.19569.2
      - Microsoft.DotNet.CodeAnalysis - 1.0.0-beta.19569.2
      - Microsoft.DotNet.GenAPI - 1.0.0-beta.19569.2
      - Microsoft.DotNet.Helix.Sdk - 2.0.0-beta.19569.2
      
      * Add reference to System.Resources.Extensions
      
      * Add System.Resources.Extensions references to PresentationUI
      
      * Revert "Add reference to System.Resources.Extensions"
      
      This reverts commit 6506e43b372531c6513f1f5a63d1ae08985ab7ff.
      
      * Update dependencies
      
      * Include "ResolveTargetingPackAssets" in AfterTargets; Remove unused Targets (#2230)
      
      *         Workaround for https://github.com/dotnet/core-sdk/issues/4744
                  .NET Core 3.1 SDK hasn't consumed the fix for https://github.com/NuGet/Home/issues/8467 yet.
                  Suppress these warnings temporarily
      
      * Fixing NoWarn to include SDK defines.
      c3da7c10
  5. 22 Nov, 2019 3 commits
    • D
      Update dependencies from... · fd11e071
      dotnet-maestro[bot] committed on
      Update dependencies from https://dev.azure.com/dnceng/internal/_git/dotnet-wpf-int build 20191121.4 (#2227)
      
      - Microsoft.DotNet.Wpf.DncEng - 4.8.0-servicing.19571.4
      fd11e071
    • A
      Merged PR 4375: [.Net Core 3.0] MSRC 54179, 54120: Reflecting into internal... · 2059ccbc
      Arpit Mathur committed on
      Merged PR 4375: [.Net Core 3.0] MSRC 54179, 54120: Reflecting into internal overloads of XamlReader.Load to use RestrictiveXamlXmlReader
      
      Bugs:
      
      - Bug [1006082](https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1006082): MSRC 54120: XAMLReader.Load used by `GetFixedDocumentSequence` method which could lead to code execution [.Net Core 3.0]
      - Bug [1006085](https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1006085): MSRC 54179: Code Execution using Malicious Annotation Files for Sticky Notes in WPF apps [.Net Core 3.0]
      
      ### Description
      
      Loose xaml can contain executable payload e.g. `ObjectDataProvider`. This Xaml can be included as part of `XpsDocument`s or base-64 encoded and then included in `StickyNote`s' annotation xml files.
      
      In WPF, we were allowing `XpsDocument`s and `StickyNote`s' annotation xml files to be loaded freely via `XamlReader.Load`.
      
      This exposes an attack vector - when a user downloads an XPS file from the internet for *viewing*, they could end up executing untrusted code.
      
      The fix is to identify known dangerous types and limit them from being deserialized during XAML loading.
      
      In order to accomplish this, we add new _non-public_ overloads to the `XamlReader.Load` method to enable the use of `RestrictiveXamlXmlReader`. `RestrictiveXamlXmlReader` restricts known dangerous types from being loaded while deserializing xaml.
      
      We then call `XamlReader.Load` via `XamlReaderProxy`, which is an adapter for `XamlReader` type and uses reflection to access `XamlReader.Load`. Reflection is used to avoid adding additional public surface area to `XamlReader` in servicing.
      
      Small changes are made to `TextRange` as well since the call-site for the `StickyNote`s case was through a call to `TextRange` which in turn calls into `XamlReader.Load`.
      
      ### Customer Impact
      
      Customers would be protected from opening potentially-compromised XPS documents and stickynotes annotation xml files.
      
      ### Regression
      No. This security issue was reported by an external party.
      
      ### Risk - Low
      
      - This change only affects loading XPS documents and loading stickynotes annotation data.
      - The change has been tested well internally.
        - We ran regression tests to ensure nothing else is inadvertently broken.
        - Validated against POC to ensure that the fix works as intended.
      
      In .NET Framework, we are introducing a quirk to give developers/customers the option of going back to the old (i.e., unsecure) behavior where deserializing dangerous types like `ObjectDataProvider` will be allowed. In .NET Core, no quirks are being provided - we do not believe that this is a scenario that should be supported for compatibility in a relatively new platform.
      2059ccbc
    • D
      Update dependencies from... · f59734d7
      dotnet-maestro[bot] committed on
      Update dependencies from https://dev.azure.com/dnceng/internal/_git/dotnet-wpf-int build 20191120.4 (#2226)
      
      - Microsoft.DotNet.Wpf.DncEng - 4.8.0-servicing.19570.4
      f59734d7
  6. 20 Nov, 2019 1 commit
  7. 19 Nov, 2019 1 commit
  8. 11 Oct, 2019 1 commit
  9. 04 Oct, 2019 1 commit
  10. 01 Oct, 2019 1 commit
  11. 26 Sep, 2019 2 commits
  12. 25 Sep, 2019 2 commits
  13. 13 Sep, 2019 1 commit
  14. 12 Sep, 2019 9 commits
    • M
      Merge pull request #1873 from mmitche/stabilize-wpf · 8182abc8
      Matt Mitchell committed on
      Stabilize wpf for 3.0 GA
      8182abc8
    • M
      Merge branch 'release/3.0' into stabilize-wpf · 198813f7
      Matt Mitchell committed on
      198813f7
    • D
      Update dependencies from https://github.com/dotnet/winforms build 20190912.7 (#1874) · 2eec7de3
      dotnet-maestro[bot] committed on
      - Microsoft.Private.Winforms - 4.8.0-rc2.19462.7
      
      Dependency coherency updates
      
      - Microsoft.Win32.Registry - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.App - 3.0.0-rc2-19460-02 (parent: Microsoft.Private.Winforms)
      - System.CodeDom - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Configuration.ConfigurationManager - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Diagnostics.EventLog - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.DirectoryServices - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Drawing.Common - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Reflection.Emit - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Reflection.MetadataLoadContext - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Security.AccessControl - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Security.Cryptography.Xml - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Security.Permissions - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Security.Principal.Windows - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.Windows.Extensions - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.Platforms - 3.0.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - System.IO.Packaging - 4.6.0-rc2.19460.1 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.ILDAsm - 3.0.0-rc2.19459.3 (parent: Microsoft.NETCore.Runtime.CoreCLR)
      - Microsoft.NETCore.Runtime.CoreCLR - 3.0.0-rc2.19459.3 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.ILAsm - 3.0.0-rc2.19459.3 (parent: Microsoft.NETCore.Runtime.CoreCLR)
      2eec7de3
    • M
      Merge branch 'release/3.0' into stabilize-wpf · 58ca3839
      Matt Mitchell committed on
      58ca3839
    • M
      Stabilize wpf for 3.0 GA · c3bc4a74
      mmitche committed on
      c3bc4a74
    • D
      Update dependencies from... · 26620ae6
      dotnet-maestro[bot] committed on
      Update dependencies from https://dev.azure.com/dnceng/internal/_git/dotnet-wpf-int build 20190911.43 (#1865)
      
      - Microsoft.DotNet.Wpf.DncEng - 4.8.0-rc2.19461.43
      26620ae6
    • M
      Merge pull request #1864 from dotnet/darc-release/3.0-e6e27dea-5121-4168-8ef6-0cef03774746 · f6ec8dd2
      Matt Mitchell committed on
      [release/3.0] Update dependencies from dotnet/arcade
      f6ec8dd2
    • D
      Update dependencies from https://github.com/dotnet/arcade build 20190911.7 · bd8d6812
      dotnet-maestro[bot] committed on
      - Microsoft.DotNet.ApiCompat - 1.0.0-beta.19461.7
      - Microsoft.DotNet.Arcade.Sdk - 1.0.0-beta.19461.7
      - Microsoft.DotNet.CodeAnalysis - 1.0.0-beta.19461.7
      - Microsoft.DotNet.GenAPI - 1.0.0-beta.19461.7
      - Microsoft.DotNet.Helix.Sdk - 2.0.0-beta.19461.7
      bd8d6812
    • D
      Update dependencies from https://github.com/dotnet/winforms build 20190812.4 (#1856) · 628841c6
      dotnet-maestro[bot] committed on
      - Microsoft.Private.Winforms - 4.8.0-preview9.19412.4
      
      Dependency coherency updates
      
      - Microsoft.Win32.Registry - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.App - 3.0.0-preview9-19411-11 (parent: Microsoft.Private.Winforms)
      - System.CodeDom - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Configuration.ConfigurationManager - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Diagnostics.EventLog - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.DirectoryServices - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Drawing.Common - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Reflection.Emit - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Reflection.MetadataLoadContext - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Security.AccessControl - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Security.Cryptography.Xml - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Security.Permissions - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Security.Principal.Windows - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.Windows.Extensions - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.Platforms - 3.0.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - System.IO.Packaging - 4.6.0-preview9.19409.17 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.ILDAsm - 3.0.0-preview9.19409.2 (parent: Microsoft.NETCore.Runtime.CoreCLR)
      - Microsoft.NETCore.Runtime.CoreCLR - 3.0.0-preview9.19409.2 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.ILAsm - 3.0.0-preview9.19409.2 (parent: Microsoft.NETCore.Runtime.CoreCLR)
      628841c6
  15. 11 Sep, 2019 3 commits
    • D
      Update dependencies from... · 9e5a8663
      dotnet-maestro[bot] committed on
      Update dependencies from https://dev.azure.com/dnceng/internal/_git/dotnet-wpf-int build 20190910.13 (#1840)
      
      - Microsoft.DotNet.Wpf.DncEng - 4.8.0-rc2.19460.13
      9e5a8663
    • D
      [release/3.0] Update dependencies from dotnet/winforms (#1834) · d72f8a5e
      dotnet-maestro[bot] committed on
      * Update dependencies from https://github.com/dotnet/winforms build 20190904.3
      
      - Microsoft.Private.Winforms - 4.8.0-rc1.19454.3
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190905.15
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19455.15
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190906.4
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19456.4
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190907.4
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19457.4
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190908.3
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19458.3
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190909.5
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19459.5
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190909.7
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19459.7
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190909.12
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19459.12
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190909.13
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19459.13
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190910.2
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19460.2
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190910.6
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19460.6
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190910.4
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19460.4
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190910.9
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19460.9
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190910.10
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19460.10
      
      * Update dependencies from https://github.com/dotnet/winforms build 20190910.11
      
      - Microsoft.Private.Winforms - 4.8.0-rc2.19460.11
      
      * Dependency coherency updates
      
      - Microsoft.Win32.Registry - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.App - 3.0.0-rc2-19459-40 (parent: Microsoft.Private.Winforms)
      - System.CodeDom - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Configuration.ConfigurationManager - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Diagnostics.EventLog - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.DirectoryServices - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Drawing.Common - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Reflection.Emit - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Reflection.MetadataLoadContext - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Security.AccessControl - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Security.Cryptography.Xml - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Security.Permissions - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Security.Principal.Windows - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.Windows.Extensions - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.Platforms - 3.0.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - System.IO.Packaging - 4.6.0-rc2.19459.12 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.ILDAsm - 3.0.0-rc2.19459.3 (parent: Microsoft.NETCore.Runtime.CoreCLR)
      - Microsoft.NETCore.Runtime.CoreCLR - 3.0.0-rc2.19459.3 (parent: Microsoft.NETCore.App)
      - Microsoft.NETCore.ILAsm - 3.0.0-rc2.19459.3 (parent: Microsoft.NETCore.Runtime.CoreCLR)
      d72f8a5e
    • M
      Merge pull request #1831 from dotnet/darc-release/3.0-4d61a59c-f9cb-428b-9f87-a769d73b2587 · 77464f77
      Matt Mitchell committed on
      [release/3.0] Update dependencies from dotnet/arcade
      77464f77