XML-Sig-0.38

Security Advisories (1)

CVE-2025-40934 (2025-11-26)

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted. An attacker can remove the signature from the XML document to make it pass the verification check. XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should return an error message. The affected versions return true when attempting to validate an XML file that contains no signatures.

Changes for version 0.38

Increment Version - Release Version same as 0.37-TRIAL
TBD Update Changes and Increment version

Changes for version 0.37-TRIAL (TRIAL RELEASE)

3c18e4c Update Makefile Version 4936d2d Update Changes and Increment version 51f853d Add more patterns to .gitignore adeb19c Allow you to build XML::Sig from git repo without dzil 2619ba4 Fix issue and add test for InclusiveNamespace in XML 3f06b78 Add extra debugging information f8aef89 remove trailing # on TRANSFORM_C14N 15939af InclusiveNamespaces support from 1d2dac1c3eaa42359899e61323a446d0d0af3e54 accidentally removed

Modules

XML::Sig

Other files

To install XML::Sig, copy and paste the appropriate command in to your terminal.

cpanm

cpanm XML::Sig

CPAN shell

perl -MCPAN -e shell
install XML::Sig

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 0.38

Changes for version 0.37-TRIAL (TRIAL RELEASE)

Modules

Other files

Module Install Instructions

Keyboard Shortcuts