Added more blacklisted namespaces to the delegate validator.

README.md

@@ -4,6 +4,7 @@ This tiny library tries to fix several known BinaryFormatter vulnerabilities.
 When a malicious payload is detected, the library throws an `UnsafeDeserializationException`
 instead of deserializing the data that is able to produce bad side effects. 
 
+[![GitQ](https://gitq.com/badge.svg)](https://gitq.com/zyanfx/Zyan)
 [![appveyor](https://ci.appveyor.com/api/projects/status/github/zyanfx/safedeserializationhelpers?svg=true)](https://ci.appveyor.com/project/yallie/safedeserializationhelpers)
 [![tests](https://img.shields.io/appveyor/tests/yallie/safedeserializationhelpers.svg)](https://ci.appveyor.com/project/yallie/safedeserializationhelpers/build/tests)
 [![nuget](https://img.shields.io/nuget/v/Zyan.SafeDeserializationHelpers.svg)](https://nuget.org/packages/Zyan.SafeDeserializationHelpers)

SafeDeserializationHelpers/DelegateValidator.cs

@@ -15,6 +15,14 @@ public class DelegateValidator : IDelegateValidator
         {
             "System.IO",
             "System.Diagnostics",
+            "System.Management",
+            "System.Reflection",
+            "System.Configuration",
+            "System.Security",
+            "System.Web",
+            "System.ServiceModel",
+            "System.Activities",
+            "System.Workflow",
         };
 
         /// <summary>

SafeDeserializationHelpers/Properties/AssemblyInfo.cs

@@ -30,5 +30,5 @@
 //      Revision
 //
 [assembly: AssemblyVersion("0.1.0.0")]
-[assembly: AssemblyFileVersion("0.1.0.0")]
+[assembly: AssemblyFileVersion("0.3.0.0")]
 [assembly: InternalsVisibleTo("Zyan.SafeDeserializationHelpers, PublicKey=002400000480000014010000060200000024000052534131000800000100010009f12bb1d0b268900b17ce1f11cbb27ded300eb14eb2ad469aa108a2df0566c28a37681ba7bfda1c3222e8a4bee7f76c6b9dbb7bbd41eea6047c266312e905142b6e1e739ef1da481527825222396b9eb0e8f7efb14f2fd3bc7bd66207c39914897057eda9ac9c5263848b6cdcba79a8567335b2f88a813723fe9dcc01dc41d5c56886f13eae33c525f1614f314d97f4c82907e1bc848358b6f233fe9bd2318e0346b3248e5b17163948cc5a4f1c1798c153d8428896ee97affcce529c1f6aae393b81a616790dbec006ab8b6be117989f01bc0c31a813814b296491375b63505d00491fad37c20c68cc46d130ba537cfd460817e7190125711832a49d32e6b9")]

SafeDeserializationHelpers/Zyan.SafeDeserializationHelpers.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Zyan.SafeDeserializationHelpers</id>
-    <version>0.2</version>
+    <version>0.3</version>
     <title>Zyan.SafeDeserializationHelpers</title>
     <authors>yallie</authors>
     <owners>Alexey Yakovlev</owners>
@@ -11,9 +11,16 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <description>Safe deserialization helper library to fix known BinaryFormatter vulnerabilities.</description>
     <summary>Safe deserialization helper library to fix known BinaryFormatter vulnerabilities.</summary>
-    <releaseNotes>Updated TypeFilterLevel to match the .NET defaults.</releaseNotes>
+    <releaseNotes>
+      v0.3.0:
+      - Added more blacklisted namespaces to the delegate validator.
+      v0.2.0:
+      - Updated TypeFilterLevel to match the .NET defaults.
+      v0.1.0:
+      - Initial release.
+    </releaseNotes>
     <language>en-US</language>
-    <tags>security deserialization BinaryFormatter</tags>
+    <tags>security deserialization vulnerability BinaryFormatter</tags>
   </metadata>
   <files>
     <file src="bin\Release\Zyan.SafeDeserializationHelpers.dll" target="lib\net35\Zyan.SafeDeserializationHelpers.dll" />