Codebase list libxstream-java / dac776f
note to changelog (1.4.11.1-1+deb10u3) for buster-security Hideki Yamane 2 years ago
1 changed file(s) with 12 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
0 libxstream-java (1.4.11.1-1+deb10u3) buster-security; urgency=high
1
2 * Team upload.
3 * Fix CVE-2021-29505:
4 - The vulnerability may allow a remote attacker has sufficient rights
5 to execute commands of the host only by manipulating the processed
6 input stream. No user is affected, who followed the recommendation
7 to setup XStream's security framework with a whitelist limited to
8 the minimal required types.
9
10 -- Hideki Yamane <henrich@debian.org> Thu, 17 Jun 2021 22:02:16 +0900
11
012 libxstream-java (1.4.11.1-1+deb10u2) buster-security; urgency=high
113
214 * Team upload.