/ 
XML-Atom-0.07
River stage three • 46 direct dependents • 174 total dependents
Security Advisories (1)
CVE-2012-1102 (2021-07-09)

It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

Changes for version 0.07

  • Added (experimental) support for using XML::XPath as an alternative to XML::LibXML. This is detected automatically upon loading XML::Atom; XML::LibXML is still the default.
  • WSSE authentication tokens now persist properly across server redirects. Thanks to Autrijus Tang for the patch.
  • Fixed bug where empty password (empty string or "0") would cause an invalid login in Atom server core. Also, improved error message on invalid password for security. Thanks to Tatsuhiki Miyagawa for the patch.

Modules

XML::Atom
Atom feed and API implementation
XML::Atom::Client
A client for the Atom API
XML::Atom::Entry
Atom entry
XML::Atom::Feed
Atom feed
XML::Atom::Person
Author or contributor object
XML::Atom::Server
A server for the Atom API
XML::Atom::Util
Utility functions

Provides

LWP::Authen::Wsse
in lib/XML/Atom/Client.pm
LWP::UserAgent::AtomClient
in lib/XML/Atom/Client.pm
XML::Atom::Content
in lib/XML/Atom/Content.pm
XML::Atom::ErrorHandler
in lib/XML/Atom/ErrorHandler.pm
XML::Atom::Link
in lib/XML/Atom/Link.pm
XML::Atom::Namespace
in lib/XML/Atom.pm
XML::Atom::Thing
in lib/XML/Atom/Thing.pm

Other files