Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: XML entity expansion in the XML::Atom Perl module
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 04 Mar 2012 17:15:26 +0100

* Florian Weimer:

I would like to request a CVE name for this security fix:

| 0.39  2011.06.20
|     * Disabled external entities and network to avoid possible security flaw (yannk)

<http://cpansearch.perl.org/src/MIYAGAWA/XML-Atom-0.39/Changes>

Thanks.

Oh, to clarify, this is about external entities, not the billion
laughs attack.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]