XML-LibXML 1.58_1
Security Advisories
CVE-2015-3451
The _clone function does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
Fixed version: >=2.0120
Reported: 2015-04-23
CVE-2017-10672
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
- https://www.debian.org/security/2017/dsa-4042
- https://rt.cpan.org/Public/Bug/Display.html?id=122246
- https://lists.debian.org/debian-lts-announce/2017/11/msg00017.html
Fixed version: >=2.0129
Reported: 2015-04-23
Kwalitee Issues
- has_meta_yml
-
Add a META.yml to the distribution. Your buildtool should be able to autogenerate it.
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: XML::LibXML::SAX::Builder
- prereq_matches_use
-
List all used modules in META.yml requires
Error:
- XML::NamespaceSupport
- XML::SAX::Base
- XML::SAX::DocumentLocator
- XML::SAX::Exception
- main_module_version_matches_dist_version
-
Make sure that the main module name and version are the same of the distribution.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- has_known_license_in_source_file
-
Add =head1 LICENSE and/or the proper text of the well-known license to the main module in your code.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: XML::LibXML, XML::LibXML::Boolean, XML::LibXML::Literal, XML::LibXML::NodeList, XML::LibXML::Number, XML::LibXML::SAX, XML::LibXML::SAX::Builder, XML::LibXML::SAX::Generator, XML::LibXML::SAX::Parser
- test_prereq_matches_use
-
List all modules used in the test suite in META.yml test_requires
Error:
- XML::SAX
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 1.00,1.50,1.58
Modules
Name | Abstract | Version | View |
---|---|---|---|
XML::LibXML | Perl Binding for libxml2 | 1.58 | metacpan |
XML::LibXML::Boolean | Boolean true/false values | metacpan | |
XML::LibXML::Literal | Simple string values. | metacpan | |
XML::LibXML::NodeList | a list of XML document nodes | metacpan | |
XML::LibXML::Number | Simple numeric values. | metacpan | |
XML::LibXML::SAX | XML::LibXML direct SAX parser | 1.00 | metacpan |
XML::LibXML::SAX::Builder | Building DOM trees from SAX events. | metacpan | |
XML::LibXML::SAX::Generator | Generate SAX events from a LibXML tree | metacpan | |
XML::LibXML::SAX::Parser | 1.50 | metacpan |
Provides
Name | File | View |
---|---|---|
XML::LibXML::Attr | LibXML.pm | metacpan |
XML::LibXML::CDATASection | LibXML.pm | metacpan |
XML::LibXML::Comment | LibXML.pm | metacpan |
XML::LibXML::Document | LibXML.pm | metacpan |
XML::LibXML::DocumentFragment | LibXML.pm | metacpan |
XML::LibXML::Dtd | LibXML.pm | metacpan |
XML::LibXML::Element | LibXML.pm | metacpan |
XML::LibXML::NamedNodeMap | LibXML.pm | metacpan |
XML::LibXML::Namespace | LibXML.pm | metacpan |
XML::LibXML::Node | LibXML.pm | metacpan |
XML::LibXML::PI | LibXML.pm | metacpan |
XML::LibXML::RelaxNG | LibXML.pm | metacpan |
XML::LibXML::SAX::AttributeNode | lib/XML/LibXML/SAX/Generator.pm | metacpan |
XML::LibXML::Schema | LibXML.pm | metacpan |
XML::LibXML::Text | LibXML.pm | metacpan |
XML::LibXML::_SAXParser | LibXML.pm | metacpan |