Use xstream 1.4.16 (#5360) (9f2ef985) · Commits · github / jenkinsci / jenkins · GitLab

Unverified Commit 9f2ef985 authored Mar 21, 2021 by

Mark Waite Committed by GitHub Mar 21, 2021

Use xstream 1.4.16 (#5360)

Changelog: https://x-stream.github.io/changes.html#1.4.16

Switches default parser to a fork of Xpp3 instead of using Xpp3 directly.
Resolves security vulnerabilities when unmarshalling with an XStream
instances using an uninitialized security framework.  As far as I
understand it, Jenkins is not susceptible to those vulnerabilities
because it initializes the security framework.

Also fixes two minor items:

* faulty XmlFriendlyNameCoder optimization
  https://github.com/x-stream/xstream/issues/237

* enum dereferences fail from older versions
  https://github.com/x-stream/xstream/issues/238

parent 56b66239

Hide whitespace changes

Inline Side-by-side

iSergio @iSergio
mentioned in commit 79ac30d7
· Mar 09, 2022

mentioned in commit 79ac30d7

mentioned in commit 79ac30d78f156e90d8233686cc58dfa315d4a07d

Toggle commit list

Please register or to comment