oss-sec mailing list archives
Re: CVE Request: XML entity expansion in the XML::Atom Perl module
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 04 Mar 2012 17:15:26 +0100
* Florian Weimer:
I would like to request a CVE name for this security fix: | 0.39 2011.06.20 | * Disabled external entities and network to avoid possible security flaw (yannk) <http://cpansearch.perl.org/src/MIYAGAWA/XML-Atom-0.39/Changes> Thanks.
Oh, to clarify, this is about external entities, not the billion laughs attack.
Current thread:
- CVE Request: XML entity expansion in the XML::Atom Perl module Florian Weimer (Mar 04)
- Re: CVE Request: XML entity expansion in the XML::Atom Perl module Florian Weimer (Mar 04)
- Re: CVE Request: XML entity expansion in the XML::Atom Perl module Kurt Seifried (Mar 04)