Mandriva Linux Security Advisory 2015-231 - Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.
00c15cbb854e0cc2cb67a8a8c9493a11bcbe0d00eaef699792b44316f20a5dce
Ubuntu Security Notice 2592-1 - Tilmann Haak discovered that XML::LibXML incorrectly handled the expand_entities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information.
458e6fe89eed0be841fc1b8ecf0008b007d76a2bef3cf98a9e49ce1d8c8af239
Debian Linux Security Advisory 3243-1 - Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.
d4a75e72b8eb10cf469d80e08b6cc4baf75113761ac80b4bf322fcfea8d988b6