oss-sec mailing list archives

CVE Request: XML entity expansion in the XML::Atom Perl module

From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 04 Mar 2012 17:07:55 +0100

I would like to request a CVE name for this security fix:

| 0.39  2011.06.20
|     * Disabled external entities and network to avoid possible security flaw (yannk)

<http://cpansearch.perl.org/src/MIYAGAWA/XML-Atom-0.39/Changes>

Thanks.

Current thread:

CVE Request: XML entity expansion in the XML::Atom Perl module Florian Weimer (Mar 04)
- Re: CVE Request: XML entity expansion in the XML::Atom Perl module Florian Weimer (Mar 04)
- Re: CVE Request: XML entity expansion in the XML::Atom Perl module Kurt Seifried (Mar 04)