This update for xstream fixes the following issues:
CVE-2022-40151: Fixed stackoverflow in XML serialization (bsc#1203520).
CVE-2022-41966: Fixed denial of service via uncontrolled recursion during deserialization (bsc#1206729).
Upgrade to 1.4.20.
1.4.20-150200.3.25.11.4.20-150200.3.25.11.4.20-150200.3.25.11.4.20-150200.3.25.1