[Bug 1780844] Re: CVE-2017-7957: XStream through 1.4.9 mishandles attempts to create an instance of the primitive type 'void'

Launchpad Bug Tracker Thu, 19 Jul 2018 16:06:55 -0700

This bug was fixed in the package libxstream-java - 1.4.7-1ubuntu0.1

---------------
libxstream-java (1.4.7-1ubuntu0.1) trusty-security; urgency=medium


  * SECURITY UPDATE: handle void type class (LP: #1780844)
    - d/p/CVE-2017-7957.patch: Prevent deserialization of void.
    - CVE-2017-7957

 -- Dan Streetman <[email protected]>  Mon, 09 Jul 2018 15:29:05
-0400

** Changed in: libxstream-java (Ubuntu Trusty)
       Status: Confirmed => Fix Released

** Changed in: libxstream-java (Ubuntu Xenial)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1780844

Title:
  CVE-2017-7957: XStream through 1.4.9 mishandles attempts to create an
  instance of the primitive type 'void'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxstream-java/+bug/1780844/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1780844] Re: CVE-2017-7957: XStream through 1.4.9 mishandles attempts to create an instance of the primitive type 'void'

Reply via email to