[Bug 1216112] New: perl-XML-LibXML: "expand_entities" option was not preserved under some circumstances
bugzilla at redhat.com
bugzilla at redhat.com
Tue Apr 28 14:02:26 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1216112
Bug ID: 1216112
Summary: perl-XML-LibXML: "expand_entities" option was not
preserved under some circumstances
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team at redhat.com
Reporter: vkaigoro at redhat.com
CC: jplesnik at redhat.com, mmaslano at redhat.com,
perl-devel at lists.fedoraproject.org,
perl-maint-list at redhat.com, ppisar at redhat.com,
psabata at redhat.com
It was reported that perl-XML-LibXML did ignore "expand_entities" option in
some circumstances, which could lead to sensitive information disclosure.
Original report and CVE request (reprodcuers are also available):
http://seclists.org/oss-sec/2015/q2/280
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the perl-devel
mailing list