Commit 7ec41d4f authored by Xavier Guimard's avatar Xavier Guimard

Fix CVE-2019-13031: XXE vulnerability in SOAP notification server

Backported to Debian/jessie by Chris Lamb

https://security-tracker.debian.org/tracker/DLA-1844-1
parent 1e951fab
...@@ -43,7 +43,7 @@ sub new { ...@@ -43,7 +43,7 @@ sub new {
} }
# Initiate XML parser # Initiate XML parser
$parser = XML::LibXML->new(); $parser = XML::LibXML->new( load_ext_dtd => 0, expand_entities => 0 );
return $self; return $self;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment