Information on source package libxstream-java

Available versions

Release	Version
stretch	1.4.9-2
stretch (security)	1.4.11.1-1+deb9u3
buster	1.4.11.1-1+deb10u2
bullseye	1.4.15-3
bookworm	1.4.18-1
sid	1.4.18-1

Open issues

Bug	stretch	buster	bullseye	bookworm	sid	Description
CVE-2021-39154	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39153	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39152	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39151	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39150	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39149	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39148	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39147	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39146	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39145	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39144	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39141	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39140	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-39139	vulnerable	vulnerable	vulnerable	fixed	fixed	XStream is a simple library to serialize objects to XML and back again ...
CVE-2021-29505	fixed	vulnerable	fixed	fixed	fixed	XStream is software for serializing Java objects to XML and back again ...
CVE-2021-21351	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21350	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21349	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21348	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21347	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21346	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21345	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21344	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21343	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21342	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2021-21341	fixed	vulnerable	fixed	fixed	fixed	XStream is a Java library to serialize objects to XML and back again. ...

Resolved issues

Bug	Description
CVE-2020-26259	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2020-26258	XStream is a Java library to serialize objects to XML and back again. ...
CVE-2020-26217	XStream before version 1.4.14 is vulnerable to Remote Code Execution.T ...
CVE-2019-10173	It was found that xstream API version 1.4.10 before 1.4.11 introduced ...
CVE-2017-7957	XStream through 1.4.9, when a certain denyTypes workaround is not used ...
CVE-2016-3674	Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDri ...
CVE-2013-7285	Xstream API versions up to 1.4.6 and version 1.4.10, if the security f ...

Security announcements

DSA / DLA	Description
DLA-2704-1	libxstream-java - security update
DLA-2616-1	libxstream-java - security update
DSA-4828-1	libxstream-java - security update
DLA-2507-1	libxstream-java - security update
DSA-4811-1	libxstream-java - security update
DLA-2471-1	libxstream-java - security update
DSA-3841-1	libxstream-java - security update
DLA-930-1	libxstream-java - security update
DLA-504-1	libxstream-java - security update
DSA-3575-1	libxstream-java - security update