https://bugs.kde.org/show_bug.cgi?id=335001
--- Comment #7 from Luigi Toscano <luigi.toscano at tiscali.it> --- Git commit f9ed9951d228fae90f2979830f6009ad71e33511 by Luigi Toscano. Committed on 14/06/2014 at 00:36. Pushed by ltoscano into branch 'master'. Explicitly load external entities Use the more modern API function for XML loading and enable the flags which load the external entities, so that meinproc4 can work again after the security changes implemented for CVE-2014-0191. Network loading is disabled too now. Please note that, even if the changes to the aforementioned CVE introduced a regression in libxml2, recently fixed upstream, and that the current meinproc code works again once the fix is deployed, nevertheless upstream suggests to not use global settings anymore. Adapted from the following kdelibs (Qt4 branch) commits: d4fca9ffb31a2383459c89b27f81b10b7ddece1a 684bb98b31d338d85e1e6089cac381a507a5b4d8 M +0 -3 src/meinproc.cpp M +3 -1 src/xslt.cpp http://commits.kde.org/kdoctools/f9ed9951d228fae90f2979830f6009ad71e33511 -- You are receiving this mail because: You are the assignee for the bug.
