libxstream-java 1.4.11.1-1~18.04.1 source package in Ubuntu
Changelog
libxstream-java (1.4.11.1-1~18.04.1) bionic-security; urgency=medium * SECURITY UPDATE: Command Injection Vulnerability - debian/patches/CVE-2020-26217.patch: New predefined blacklist avoids vulnerability due to improper setup and update security vulnerability test to test default. - debian/patches/CVE-2020-26259.patch: Fix arbitrary File Deletion on the local host. - CVE-2020-26217 - CVE-2020-26259 * SECURITY UPDATE: Server-Side Request Forgery Vulnerability - debian/patches/CVE-2020-26258.patch: Fix access data streams from an arbitrary URL. - CVE-2020-26258 * Add a new maven rule to fix FTBFS. - debian/maven.ignoreRules: Add com.sun.xml.ws jaxws-rt. -- Paulo Flabiano Smorigo <email address hidden> Thu, 28 Jan 2021 14:36:59 +0000
Upload details
- Uploaded by:
- Paulo Flabiano Smorigo
- Uploaded to:
- Bionic
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- java
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libxstream-java_1.4.11.1.orig.tar.xz | 434.7 KiB | 24eb3173a9c4be2d30cdf7271336870c147e1bb0cee0bcc512d6198d7a12d038 |
libxstream-java_1.4.11.1-1~18.04.1.debian.tar.xz | 10.7 KiB | cddee8f92845e0fe13aecea087e17c443e91e8a03279eabcc6d60822b30e3c50 |
libxstream-java_1.4.11.1-1~18.04.1.dsc | 2.4 KiB | 061f2bc787c8befd1aee7b33269071f933b2271b4a5da1049c2876ecb7a1206f |
Available diffs
Binary packages built by this source
- libxstream-java: Java library to serialize objects to XML and back again
The features of the XStream library are:
.
- Ease of use. A high level facade is supplied that simplifies common
use cases.
- No mappings required. Most objects can be serialized without need
for specifying mappings.
- Performance. Speed and low memory footprint are a crucial part of
the design, making it suitable for large object graphs or systems
with high message throughput.
- Clean XML. No information is duplicated that can be obtained via
reflection. This results in XML that is easier to read for humans
and more compact than native Java serialization.
- Requires no modifications to objects. Serializes internal fields,
including private and final. Supports non-public and inner classes.
Classes are not required to have default constructor.
- Full object graph support. Duplicate references encountered in the
object-model will be maintained. Supports circular references.
- Integrates with other XML APIs. By implementing an interface,
XStream can serialize directly to/from any tree structure (not just
XML).
- Customizable conversion strategies. Strategies can be registered
allowing customization of how particular types are represented as
XML.
- Error messages. When an exception occurs due to malformed XML,
detailed diagnostics are provided to help isolate and fix the
problem.
- Alternative output format. The modular design allows other output
formats. XStream ships currently with JSON support and morphing.