https://bugs.freedesktop.org/show_bug.cgi?id=60471
Michael Stahl <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED QA Contact|[email protected] | |e | CC| |[email protected], | |[email protected], | |[email protected] Component|Libreoffice |filters and storage --- Comment #15 from Michael Stahl <[email protected]> --- problem is that SPSS\ IBM.svg contains an internal entity declaration: <!-- Generator: Adobe Illustrator 14.0.0, SVG Export Plug-In --> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"; [ <!ENTITY ns_flows "http://ns.adobe.com/Flows/1.0/";> ]> that one is not actually used, but google finds other SVG files from the same producer where it is used: <!DOCTYPE svg PUBLIC [...] <!ENTITY ns_flows "http://ns.adobe.com/Flows/1.0/";> <!ENTITY ns_svg "http://www.w3.org/2000/svg";> <!ENTITY ns_xlink "http://www.w3.org/1999/xlink";> ]> <svg [...] xmlns:xlink="&ns_xlink;" xmlns="&ns_svg;" [...] > apparently it's hip to define namespaces in this convoluted manner or something. since version 3.5.something, the SaxExpatParser in LO refuses to load files with internal XML entities to prevent trivial DoS via recursive entities. this was not a problem so far because no ODF or OOXML producer writes these. LO 3.6 and earlier did not use SaxExpatParser to import SVG. so apparently we have to enable SaxExpatParser to handle internal XML entities when reading SVG files; done that on master. -- You are receiving this mail because: You are the assignee for the bug.
_______________________________________________ Libreoffice-bugs mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
