libxstream-java 1.4.8-1ubuntu0.1 source package in Ubuntu

Changelog

libxstream-java (1.4.8-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: handle void type class (LP: #1780844)
    - d/p/CVE-2017-7957.patch: Prevent deserialization of void.
    - CVE-2017-7957

 -- Dan Streetman <email address hidden>  Mon, 09 Jul 2018 15:21:51 -0400

Upload details

Uploaded by:
Dan Streetman on 2018-07-12
Sponsored by:
Emily Ratliff
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
java
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2018-07-19 universe libs
Xenial security on 2018-07-19 universe libs

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
libxstream-java_1.4.8.orig.tar.xz 392.4 KiB 495e6efc66719b6c757b00e373f379511ee41324aa6e7ed4c57fd451fb65fca3
libxstream-java_1.4.8-1ubuntu0.1.debian.tar.xz 7.7 KiB fa0ddf2b0ae74b9e2bd448130335c8210334d7d331fa2ea00ae132aa69a7188a
libxstream-java_1.4.8-1ubuntu0.1.dsc 2.4 KiB 3732f34645e5f0d8a66826ffbb7d53d7639d4fdb8f7ab33c941e62f9a13d09a0

View changes file

Binary packages built by this source

libxstream-java: Java library to serialize objects to XML and back again

 The features of the XStream library are:
 .
  - Ease of use. A high level facade is supplied that simplifies common
    use cases.
  - No mappings required. Most objects can be serialized without need
    for specifying mappings.
  - Performance. Speed and low memory footprint are a crucial part of
    the design, making it suitable for large object graphs or systems
    with high message throughput.
  - Clean XML. No information is duplicated that can be obtained via
    reflection. This results in XML that is easier to read for humans
    and more compact than native Java serialization.
  - Requires no modifications to objects. Serializes internal fields,
    including private and final. Supports non-public and inner classes.
    Classes are not required to have default constructor.
  - Full object graph support. Duplicate references encountered in the
    object-model will be maintained. Supports circular references.
  - Integrates with other XML APIs. By implementing an interface,
    XStream can serialize directly to/from any tree structure (not just
    XML).
  - Customizable conversion strategies. Strategies can be registered
    allowing customization of how particular types are represented as
    XML.
  - Error messages. When an exception occurs due to malformed XML,
    detailed diagnostics are provided to help isolate and fix the
    problem.
  - Alternative output format. The modular design allows other output
    formats. XStream ships currently with JSON support and morphing.