xstream (SL7)

By Scientific Linux Team on January 26, 2021

Synopsis: Important: xstream security update
Advisory ID: SLSA-2021:0162-1
Issue Date: 2021-01-19
CVE Numbers: CVE-2020-26217
—

Security Fix(es):

* XStream: remote code execution due to insecure XML deserialization when
relying on blocklists (CVE-2020-26217)
—

SL7
noarch
xstream-1.3.1-12.el7_9.noarch.rpm
xstream-javadoc-1.3.1-12.el7_9.noarch.rpm

– Scientific Linux Development Team