A libxstream-java security update has been released for Debian GNU/Linux 10 LTS to address an issue that allowed a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream.