Prevent XML entity expansion attacks. Thanks to Florian Wilkens @ SRLabs for the report. (Closes: #397)