Add System.Security.Cryptography.Xml.8.0.0 to address CVE-2023-29331

[RussKie]

A pre-req for dotnet/aspnetcore#55304

[RussKie]

@MichaelSimons @mthalman I've run PS > .\generate.cmd -package System.Security.Cryptography.Xml,8.0.0 and this is the result.
The docs state that the new projects need to be added to https://github.com/dotnet/source-build-reference-packages/blob/main/eng/Build.props, but I've searched the repo and I didn't see the original System.Security.Cryptography.Xml.6.0.1.csproj project being referenced anywhere (did I miss it?).

Is there anytything else I need to do?

[oleksandr-didyk]

but I've searched the repo and I didn't see the original System.Security.Cryptography.Xml.6.0.1.csproj project being referenced anywhere (did I miss it?).

The required entry in Build.props is for the package being added and not meant as an update to existing references. Unless I miss-understood your comment.

So its just about putting:

  <DependencyPackageProjects Include="$(RepoRoot)src\referencePackages\src\**\System.Security.Cryptography.Xml.8.0.0.csproj" />

[RussKie]

May I please get help with the build errors?

[oleksandr-didyk]

Of course, taking a look

[oleksandr-didyk]

Those look like compilation errors for the package being added, i.e. there are probably some manual changes that need to be made to resolve them. Is the build passing locally for you?