This update for xstream fixes the following issues: * CVE-2022-40151: Fixed stackoverflow in XML serialization . * CVE-2022-41966: Fixed denial of service via uncontrolled recursion during deserialization . * Upgrade to 1.4.20.