Update dependency SixLabors.ImageSharp to 3.1.11 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
SixLabors.ImageSharp	3.1.7 → 3.1.11

GitHub Vulnerability Alerts

CVE-2025-54575

Impact

A specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input should upgrade to a patched version.

Patches

The problem has been patched. All users are advised to upgrade to v3.1.11 or v2.1.11.

Workarounds

None.

---

Release Notes

SixLabors/ImageSharp (SixLabors.ImageSharp)

v3.1.11

What's Changed

• Backport V3 - GIF: Check for end of stream when reading comments. by @​JimBobSquarePants in #​2955

Full Changelog: SixLabors/ImageSharp@v3.1.10...v3.1.11

v3.1.10

What's Changed

• V3: Remove ExifTagValue.InteroperabilityIndex by @​JimBobSquarePants in #​2939
• V3 TIFF : Allow additional and undefined extra samples by @​JimBobSquarePants in #​2942
• V3 Use EXIF byte order for EXIF encoded strings. by @​JimBobSquarePants in #​2944
• V3 Backport : Reduce the number of memory allocations in lossless WebP encoder by @​JimBobSquarePants in #​2947

Full Changelog: SixLabors/ImageSharp@v3.1.9...v3.1.10

v3.1.9

What's Changed

• V3: Do not attempt to decode iDAT chunks when image is fully decoded. by @​JimBobSquarePants in #​2927
• V3 - Do not throw exception for non-required chunks. by @​JimBobSquarePants in #​2929
• V3: Do not encode WEBP images exceeding max dimensions by @​JimBobSquarePants in #​2931

Full Changelog: SixLabors/ImageSharp@v3.1.8...v3.1.9

v3.1.8

What's Changed

• V3 : Fix GIF, PNG, and WEBP Edge Case Handling by @​JimBobSquarePants in #​2882
• V3 Nested sub ifds parsing fix by @​JimBobSquarePants in #​2913
• V3: Undo horizontal prediction for each tile row in case of tiled tiff's by @​JimBobSquarePants in #​2914
• V3 - Use BPP from Color Writer for Compressor by @​JimBobSquarePants in #​2915

Full Changelog: SixLabors/ImageSharp@v3.1.7...v3.1.8

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.