Symptom
If you have .Net 9 in your environment, when you compile a PowerServer solution in PowerBuilder IDE, you will get some critical severity vulnerability warning messages in the output window similar to the one below:
warning NU1904: Package ‘System.Drawing.Common’ 4.7.0 has a known critical severity vulnerability, https://github.com/advisories/GHSA-rxg9-xrhp-64gj.
Environment
PowerBuilder 2022 R3 MR 3397
PowerServer 2022 R3 MR 3397
Cause
This is because .Net 9 warns user if any library referenced has any vulnerability and some third-party libraries referenced in your PowerServer solution contain vulnerabilities, requiring you to update them to a newer version manually.
Resolution
You can follow instructions below to update the following references to a newer version where the vulnerabilities have been addressed.
1. Update the PowerServer.Core and PowerServer.API NuGet packages in the PowerServer solution to version 2.3.4.
1) Open the <your_web_api_solution_location>\AppModels\AppModels.csproj file and modify the line to use the 2.3.4 version of PowerServer.Core NuGet package as follows.
<PackageReference Include="PowerServer.Core" Version="2.3.4" />
2) Open the <your_web_api_solution_location>\ServerAPIs\ServerAPIs.csproj file and modify the line to use the 2.3.4 version of PowerServer.API NuGet package as follows.
<PackageReference Include="PowerServer.Api" Version="2.3.4" />
2. Open the <your_web_api_solution_location>\UserExtensions\Logging\Logging.xml file and modify the line to use the 2.22.0 version of Microsoft.ApplicationInsights.AspNetCore as follows.
<PackageReference Include=”Microsoft.ApplicationInsights.AspNetCore” Version=”2.22.0” />
3. Rebuild the solution.
Note: <your_web_api_solution_location>: You can find this location in your PowerServer project -> Build -> Web API solution location -> Open Folder.