https://bugzilla.redhat.com/show_bug.cgi?id=1216112 Bug ID: 1216112 Summary: perl-XML-LibXML: "expand_entities" option was not preserved under some circumstances Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team@xxxxxxxxxx Reporter: vkaigoro@xxxxxxxxxx CC: jplesnik@xxxxxxxxxx, mmaslano@xxxxxxxxxx, perl-devel@xxxxxxxxxxxxxxxxxxxxxxx, perl-maint-list@xxxxxxxxxx, ppisar@xxxxxxxxxx, psabata@xxxxxxxxxx It was reported that perl-XML-LibXML did ignore "expand_entities" option in some circumstances, which could lead to sensitive information disclosure. Original report and CVE request (reprodcuers are also available): http://seclists.org/oss-sec/2015/q2/280 -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/perl-devel
