/ 
XML-Atom-0.13
Security Advisories (1)
CVE-2012-1102 (2021-07-09)

It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

Changes for version 0.13

  • Bumped up the version

Changes for version 0.12_02

  • $feed->version now returns 1.0 when xmlns patches with that for 1.0
  • Fixed segmentation fault problem with <atom:content> longer than 2.5k (Thanks to Chris Dent and Ryan King)
  • No unicode decode hack on content withou mode="xml"

Changes for version 0.12_01

  • Added Atom 1.0 feed support for parsing
  • Hacked Unicode entity in $content->body
  • Added $entry->contributor
  • $entry->contributor and $entry->person returns list in list context
  • Added $content->lang and $content->base (xml:lang and xml:base)
  • Make sure $feed->as_xml doesn't set utf-8 flag

Modules

XML::Atom
Atom feed and API implementation
XML::Atom::Client
A client for the Atom API
XML::Atom::Entry
Atom entry
XML::Atom::Feed
Atom feed
XML::Atom::Person
Author or contributor object
XML::Atom::Server
A server for the Atom API
XML::Atom::Util
Utility functions

Provides

LWP::UserAgent::AtomClient
in lib/XML/Atom/Client.pm
XML::Atom::Content
in lib/XML/Atom/Content.pm
XML::Atom::ErrorHandler
in lib/XML/Atom/ErrorHandler.pm
XML::Atom::Link
in lib/XML/Atom/Link.pm
XML::Atom::Namespace
in lib/XML/Atom.pm
XML::Atom::Thing
in lib/XML/Atom/Thing.pm

Other files