codeql/java/ql/src/change-notes/released/0.7.0.md

0.7.0

Minor Analysis Improvements

• New models have been added for org.apache.commons.lang.
• The query java/unsafe-deserialization has been updated to take into account SerialKiller, a library used to prevent deserialization of arbitrary classes.

Bug Fixes

• The query "Arbitrary file write during archive extraction ("Zip Slip")" (java/zipslip) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."