Bug#861521: libxstream-java: CVE-2017-7957
Thank you Salvatore. Here is the upstream commit that has to be backported: https://github.com/x-stream/xstream/commit/b3570be Emmanuel Bourg
Bug#861521: libxstream-java: CVE-2017-7957
Source: libxstream-java Version: 1.4.7-2 Severity: important Tags: security upstream Hi, the following vulnerability was published for libxstream-java. CVE-2017-7957[0]: | XStream through 1.4.9, when a certain denyTypes workaround is not used, | mishandles attempts to create an instance of the
