Vulnerability in EPiServer.Forms
After installing EPiServer 7.5, one of my episerver 6 sites is failing to start with the error:
The EPiServer 6 website has the correct version of the assembly in its bin folder (version 6.2.267.1) and in the web.config, the following is decalred:
<dependentAssembly> <assemblyIdentity name="EPiServer.Licensing" publicKeyToken="8fe83dea738b45b7" culture="neutral" /> <bindingRedirect oldVersion="184.108.40.206-6.2.267.1" newVersion="6.2.267.1" /> </dependentAssembly>
My understanding is that with the binding redirect set like this in the config file, the site should correctly be using the dll from the bin folder.
Can anyone help?
My guess is that there is some other assembly of version 7.5 loaded into the AppDomain (if that assembly then references 7.5 version of EPiServer.Licensing you might get that problem).
Is it possible to have a Visual Studio attached to the site while starting, if so check in Debug\Windows\Modules and see if there is any 7.5 version of any EPiServer assembly loaded.
Otherwise check in the sites bin folder so there is no EPiServer 7.5 version assembly there or perhaps an assembly referencing a 7.5 assembly.
I have experienced a similar problem to this on other EPiServer assemblies on an EPiServer 6 R2 build. I found that I had to set "Specific Version" to true on each assembly that was experiencing the problem (it was on a Windows 8 machine). It seemed that the project was always trying to get the latest assembly version even though no 7.x assemblies were in the GAC.
I never had time to the bottom of the problem but hope it may be able to help you!
From the exception actually it sounds that somebody else is requsting 7.5 version -> but got 6.2.X.X -> which is located in AppDomain. I would start from another end :) Enable FusionLog and check - you may see calling assembly.
If that fails and there could be - "Unknown library" or similar, I would enlist all dll files in bin folder with versions to check - maybe there is some alien requesting 7.5 version..
Thanks for replies all.
When I attatched the debugger, I received a more helpfull stack trace showing the dll exception originating from the license check in the app initalization.
It then occured to me that for the EPiServer 6 site, I have re-used a license from a 7.5 site which was on my pc.. opps!
So because the site had a 7.5 liscence, EPiServer was trying to load the 7.5 licensing dll.
Put a correct v6 license into the site and it worked fine.
So my intuition didn't fail :)