JEP 415: Context-specific Deserialization Filters extends the deserialization filtering mechanisms with more flexible and customizable protections against malicious deserialization. See JEP 415: https://openjdk.java.net/jeps/415. The `java.io.ObjectInputFilter` and `java.io.ObjectInputStream` classes are extended with additional configuration mechanisms and filter utilities.
------------- Commit messages: - JEP 415: Context-specific Deserialization Filters Changes: https://git.openjdk.java.net/jdk/pull/3996/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=3996&range=00 Issue: https://bugs.openjdk.java.net/browse/JDK-8264859 Stats: 1583 lines in 5 files changed: 1475 ins; 24 del; 84 mod Patch: https://git.openjdk.java.net/jdk/pull/3996.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/3996/head:pull/3996 PR: https://git.openjdk.java.net/jdk/pull/3996
