Configure XStream security and resolve itest bundles (#8663)

* Configures XStream security to prevent "Security framework of XStream not initialized, XStream is probably vulnerable" warnings.
* Resolves the itest bundles for the upgrade to XStream 1.4.13

Related to openhab/openhab-core#1688

Signed-off-by: Wouter Born <github@maindrain.net>

bundles/org.openhab.binding.lcn/src/main/java/org/openhab/binding/lcn/internal/pchkdiscovery/LcnPchkDiscoveryService.java

@@ -148,6 +148,8 @@ public class LcnPchkDiscoveryService extends AbstractDiscoveryService {
 
     ServicesResponse xmlToServiceResponse(String response) {
         XStream xstream = new XStream(new StaxDriver());
+        XStream.setupDefaultSecurity(xstream);
+        xstream.allowTypesByWildcard(new String[] { ServicesResponse.class.getPackageName() + ".**" });
         xstream.setClassLoader(getClass().getClassLoader());
         xstream.autodetectAnnotations(true);
         xstream.alias("ServicesResponse", ServicesResponse.class);