libxstream-java 1.4.11.1-1ubuntu0.1 source package in Ubuntu
Changelog
libxstream-java (1.4.11.1-1ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: Command Injection Vulnerability - debian/patches/CVE-2020-26217.patch: New predefined blacklist avoids vulnerability due to improper setup and update security vulnerability test to test default. - debian/patches/CVE-2020-26259.patch: Fix arbitrary File Deletion on the local host. - CVE-2020-26217 - CVE-2020-26259 * SECURITY UPDATE: Server-Side Request Forgery Vulnerability - debian/patches/CVE-2020-26258.patch: Fix access data streams from an arbitrary URL. - CVE-2020-26258 * Add a new maven rule to fix FTBFS. - debian/maven.ignoreRules: Add com.sun.xml.ws jaxws-rt. -- Paulo Flabiano Smorigo <email address hidden> Wed, 27 Jan 2021 12:57:43 +0000
Upload details
- Uploaded by:
- Paulo Flabiano Smorigo
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- java
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libxstream-java_1.4.11.1.orig.tar.xz | 434.7 KiB | 24eb3173a9c4be2d30cdf7271336870c147e1bb0cee0bcc512d6198d7a12d038 |
libxstream-java_1.4.11.1-1ubuntu0.1.debian.tar.xz | 10.7 KiB | b7806569914611e8abbd448e2fe8443e05b909a86b09e134dee5a5b25a881588 |
libxstream-java_1.4.11.1-1ubuntu0.1.dsc | 2.5 KiB | c4eb092f4c897c1a306f737027359700eb07dcf958db6c514251e462109bfc7a |
Available diffs
Binary packages built by this source
- libxstream-java: Java library to serialize objects to XML and back again
The features of the XStream library are:
.
- Ease of use. A high level facade is supplied that simplifies common
use cases.
- No mappings required. Most objects can be serialized without need
for specifying mappings.
- Performance. Speed and low memory footprint are a crucial part of
the design, making it suitable for large object graphs or systems
with high message throughput.
- Clean XML. No information is duplicated that can be obtained via
reflection. This results in XML that is easier to read for humans
and more compact than native Java serialization.
- Requires no modifications to objects. Serializes internal fields,
including private and final. Supports non-public and inner classes.
Classes are not required to have default constructor.
- Full object graph support. Duplicate references encountered in the
object-model will be maintained. Supports circular references.
- Integrates with other XML APIs. By implementing an interface,
XStream can serialize directly to/from any tree structure (not just
XML).
- Customizable conversion strategies. Strategies can be registered
allowing customization of how particular types are represented as
XML.
- Error messages. When an exception occurs due to malformed XML,
detailed diagnostics are provided to help isolate and fix the
problem.
- Alternative output format. The modular design allows other output
formats. XStream ships currently with JSON support and morphing.