https://bugzilla.redhat.com/show_bug.cgi?id=1379553
--- Comment #4 from Petr Pisar <ppisar(a)redhat.com> ---
Upstream released 3.50 that added no_xxe flag that implements the desired
behavior, but expand_external_ents flag, subject of this vulnerability, still
has no effect.
So while XML-Twig >= 3.50 can now be used safely, the reported bug still
exists.
--
You are receiving this mail because:
You are on the CC list for the bug.