[ANN] XStream 1.4.17 released
16 views
Skip to first unread message
Jörg Schaible
May 14, 2021, 9:15:49 AM5/14/21
to xstrea...@googlegroups.com
Dear Community,
XStream 1.4.17 has been released and is also available on Maven Central. The
version targets the security vulnerability CVE-2021-29505, a Remote Command
Execution attack, detected and reported by V3geB1rd, white hat hacker from
Tencent Security Response Center - thanks a lot.
The XStream Committers strongly recommends to all users, to use XStream's
security framework to setup a whitelist. None of the found security issues in
the last months applies to such a setup..
Regards,
XStream Committers
XStream 1.4.17 has been released and is also available on Maven Central. The
version targets the security vulnerability CVE-2021-29505, a Remote Command
Execution attack, detected and reported by V3geB1rd, white hat hacker from
Tencent Security Response Center - thanks a lot.
The XStream Committers strongly recommends to all users, to use XStream's
security framework to setup a whitelist. None of the found security issues in
the last months applies to such a setup..
Regards,
XStream Committers
Reply all
Reply to author
Forward
0 new messages