Security Advisories (1)
CVE-2012-1102 (2021-07-09)

It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

Changes for version 0.24

  • Updated document to mention that ID creation is the user's responsibility
  • Added $feed->as_xml_utf8, which always returns a UTF-8 bytes string rather than a UTF-8 flagged one. This addresses annoying issues with UTF-8 vs. latin-1 (Thanks to Rui Vilela #21191)
  • Better fix for the hateful default: prefix issue in libxml2; now we remove the default\d* prefix on any nodes and set the proper namespace URI.
  • Fix to the test case since 0x242 is now a printable character in bleadperl (Thanks to Andreas Koenig and Steve Peters)
  • Skip tests if 'euc-jp' is an unknown encoding on your XML library (via CPAN testers)

Modules

Atom feed and API implementation
A client for the Atom API
Atom entry
Atom feed
Author or contributor object
A server for the Atom API
Utility functions

Provides

in lib/XML/Atom/Client.pm
in lib/XML/Atom/Base.pm
in lib/XML/Atom/Category.pm
in lib/XML/Atom/Content.pm
in lib/XML/Atom/ErrorHandler.pm
in lib/XML/Atom/Link.pm
in lib/XML/Atom.pm
in lib/XML/Atom/Thing.pm