libxstream-java 1.4.7-1ubuntu0.1 source package in Ubuntu


libxstream-java (1.4.7-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: handle void type class (LP: #1780844)
    - d/p/CVE-2017-7957.patch: Prevent deserialization of void.
    - CVE-2017-7957

 -- Dan Streetman <email address hidden>  Mon, 09 Jul 2018 15:29:05 -0400

Upload details

Uploaded by:
Dan Streetman on 2018-07-12
Sponsored by:
Emily Ratliff
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2018-07-19 universe libs
Trusty security on 2018-07-19 universe libs


Trusty: [FULLYBUILT] i386


File Size SHA-256 Checksum
libxstream-java_1.4.7.orig.tar.xz 388.0 KiB 33aeb2217d2dd3734abcd6cc6f3d3283fed2646e4cbc79102d5237a099738eed
libxstream-java_1.4.7-1ubuntu0.1.debian.tar.gz 7.7 KiB 102d8cb3b5c4866723f129baf918a28eedc7324b3f0db2952dd926ec59cf7de9
libxstream-java_1.4.7-1ubuntu0.1.dsc 2.4 KiB 989c50d7207e7c248263382e1d146f13c878668e1fa92b0247d9f8aa32fb40b0

View changes file

Binary packages built by this source

libxstream-java: Java library to serialize objects to XML and back again

 The features of the XStream library are:
  - Ease of use. A high level facade is supplied that simplifies common
    use cases.
  - No mappings required. Most objects can be serialized without need
    for specifying mappings.
  - Performance. Speed and low memory footprint are a crucial part of
    the design, making it suitable for large object graphs or systems
    with high message throughput.
  - Clean XML. No information is duplicated that can be obtained via
    reflection. This results in XML that is easier to read for humans
    and more compact than native Java serialization.
  - Requires no modifications to objects. Serializes internal fields,
    including private and final. Supports non-public and inner classes.
    Classes are not required to have default constructor.
  - Full object graph support. Duplicate references encountered in the
    object-model will be maintained. Supports circular references.
  - Integrates with other XML APIs. By implementing an interface,
    XStream can serialize directly to/from any tree structure (not just
  - Customizable conversion strategies. Strategies can be registered
    allowing customization of how particular types are represented as
  - Error messages. When an exception occurs due to malformed XML,
    detailed diagnostics are provided to help isolate and fix the
  - Alternative output format. The modular design allows other output
    formats. XStream ships currently with JSON support and morphing.