diff -r 5a6b6e770365 -r 68c69c656a2c web/lib/Zend/Soap/Wsdl.php
--- a/web/lib/Zend/Soap/Wsdl.php Thu May 07 15:10:09 2015 +0200
+++ b/web/lib/Zend/Soap/Wsdl.php Thu May 07 15:16:02 2015 +0200
@@ -14,9 +14,9 @@
 *
 * @category Zend
 * @package Zend_Soap
- * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
 * @license http://framework.zend.com/license/new-bsd New BSD License
- * @version $Id: Wsdl.php 25033 2012-08-17 19:50:08Z matthew $
+ * @version $Id$
 */
 /**
@@ -29,6 +29,9 @@
 */
 require_once "Zend/Soap/Wsdl/Strategy/Abstract.php";
+/** @see Zend_Xml_Security */
+require_once "Zend/Xml/Security.php";
+
 /**
 * Zend_Soap_Wsdl
 *
@@ -96,23 +99,12 @@
 xmlns:xsd='http://www.w3.org/2001/XMLSchema'
 xmlns:soap-enc='http://schemas.xmlsoap.org/soap/encoding/'
 xmlns:wsdl='http://schemas.xmlsoap.org/wsdl/'>";
- libxml_disable_entity_loader(true);
 $this->_dom = new DOMDocument();
- if (!$this->_dom->loadXML($wsdl)) {
+ if (!$this->_dom = Zend_Xml_Security::scan($wsdl, $this->_dom)) {
 require_once 'Zend/Server/Exception.php';
 throw new Zend_Server_Exception('Unable to create DomDocument');
- } else {
- foreach ($this->_dom->childNodes as $child) {
- if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
- require_once 'Zend/Server/Exception.php';
- throw new Zend_Server_Exception(
- 'Invalid XML: Detected use of illegal DOCTYPE'
- );
- }
- }
- $this->_wsdl = $this->_dom->documentElement;
- }
- libxml_disable_entity_loader(false);
+ }
+ $this->_wsdl = $this->_dom->documentElement;
 $this->setComplexTypeStrategy($strategy);
 }
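Review bot: The constructor hunk (`@@ -96,23 +99,12 @@`) drops its own DOCTYPE check, which threw `Zend_Server_Exception('Invalid XML: Detected use of illegal DOCTYPE')`, and now relies entirely on `Zend_Xml_Security::scan()`, whose rejection rules and exception type are not visible in this diff. As far as I recall, in ZF1 that helper throws its own `Zend_Xml_Exception`, and in some releases only when the DOCTYPE declares entities, so confirm this against the bundled version and wrap or document it if callers catch `Zend_Server_Exception`. The condition `if (!$this->_dom = Zend_Xml_Security::scan($wsdl, $this->_dom))` also buries an assignment inside a negation and leaves `_dom` holding the falsy result on the failure path. Clearer is `$dom = Zend_Xml_Security::scan($wsdl, $this->_dom);`, then `if (!$dom) {` for the throw, then `$this->_dom = $dom;`. The constructor body starts above the hunk.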
@@ -135,10 +127,8 @@
 // @todo: This is the worst hack ever, but its needed due to design and non BC issues of WSDL generation
 $xml = $this->_dom->saveXML();
 $xml = str_replace($oldUri, $uri, $xml);
- libxml_disable_entity_loader(true);
 $this->_dom = new DOMDocument();
- $this->_dom->loadXML($xml);
- libxml_disable_entity_loader(false);
+ $this->_dom = Zend_Xml_Security::scan($xml, $this->_dom);
 }
 return $this;
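Review bot: The result of `Zend_Xml_Security::scan($xml, $this->_dom)` is assigned to `$this->_dom` unchecked, although the constructor hunk in this same commit treats a falsy return from `scan()` as a parse failure. The removed `loadXML($xml)` call also ignored failure, but it left `_dom` a `DOMDocument`; now a failed scan leaves `_dom` falsy, and the next method call on it fails far from the cause. Because `$uri` is spliced into the serialized XML by `str_replace($oldUri, $uri, $xml)` without escaping, the result is not guaranteed to be well-formed. Scan into a local and fail before assigning: `$dom = Zend_Xml_Security::scan($xml, new DOMDocument());`, then `if (!$dom) { throw new Zend_Server_Exception('Unable to create DomDocument'); }`, then `$this->_dom = $dom;`, loading the exception class as the constructor does. The enclosing method begins above the hunk.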