Bug#661949: libxml-atom-perl: security issue with external entities
Dominic Hargreaves
dom at earth.li
Fri Mar 2 21:44:20 UTC 2012
Package: libxml-atom-perl
Version: 0.37-1
Severity: important
Tags: security
XML::Atom 0.39 contains the following changelog entry:
0.39 2011.06.20
* Disabled external entities and network to avoid possible security flaw (yannk)
Unfortunately no more details are readily available. As such, it's not
clear whether this is something which should be applied to squeeze,
but it probably warrants further investigation.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
More information about the pkg-perl-maintainers
mailing list