Comment 13 for bug 1025185

The best way to configure the parser (but this would need some functional testing) would imho be:
- without XML_PARSE_NOENT ("Substitute entities")
- without XML_PARSE_XINCLUDE ("Implement XInclude substitution")
- without XML_PARSE_DTDLOAD ("load the external subset")
- with XML_PARSE_NONET ("Forbid network access")

For your information, here's the patch that XML::Atom applied regarding CVE-2012-1102:
http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libxml-atom-perl.git;a=commitdiff;h=4f68e738c6f298e2bda0bad456fc97a3122c0a17