[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47342: [PATCH 2/2] gnu: java-xstream: Update to 1.4.16 [security fix
From: |
Leo Famulari |
Subject: |
bug#47342: [PATCH 2/2] gnu: java-xstream: Update to 1.4.16 [security fixes]. |
Date: |
Tue, 23 Mar 2021 13:33:45 -0400 |
On Tue, Mar 23, 2021 at 03:38:40PM +0100, Léo Le Bouter via Bug reports for GNU
Guix wrote:
> Fixes CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344,
> CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348,
> CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351.
>
> * gnu/packages/xml.scm (java-xstream): Update to 1.4.16.
> [inputs]: Replace java-xpp3 with java-mxparser, the latter being a fork of the
> former made by upstream.
Thanks for the patch!
Pinging Julien...
- bug#47342: java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351, Léo Le Bouter, 2021/03/23
- bug#47342: java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351, Julien Lepiller, 2021/03/23