Security Advisories (3)
CVE-2007-4769
(2008-01-09)
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
- http://www.postgresql.org/about/news.905
- http://www.securityfocus.com/bid/27163
- http://securitytracker.com/id?1019157
- http://secunia.com/advisories/28359
- http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
- http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
- https://issues.rpath.com/browse/RPL-1768
- http://www.debian.org/security/2008/dsa-1460
- http://www.debian.org/security/2008/dsa-1463
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
- http://www.redhat.com/support/errata/RHSA-2008-0038.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
- http://secunia.com/advisories/28376
- http://secunia.com/advisories/28438
- http://secunia.com/advisories/28437
- http://secunia.com/advisories/28454
- http://secunia.com/advisories/28464
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479
- http://secunia.com/advisories/28455
- http://security.gentoo.org/glsa/glsa-200801-15.xml
- http://secunia.com/advisories/28679
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://secunia.com/advisories/28698
- http://www.redhat.com/support/errata/RHSA-2008-0040.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
- http://secunia.com/advisories/29638
- http://www.vupen.com/english/advisories/2008/1071/references
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://www.vupen.com/english/advisories/2008/0109
- http://www.vupen.com/english/advisories/2008/0061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
- https://usn.ubuntu.com/568-1/
- http://www.securityfocus.com/archive/1/486407/100/0/threaded
- http://www.securityfocus.com/archive/1/485864/100/0/threaded
CVE-2018-25032
(2022-03-25)
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- https://rt.cpan.org/Ticket/Display.html?id=143579
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- http://www.openwall.com/lists/oss-security/2022/03/25/2
- http://www.openwall.com/lists/oss-security/2022/03/26/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://github.com/madler/zlib/issues/605
- https://www.debian.org/security/2022/dsa-5111
- https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/38
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/
CVE-2011-3045
(2012-03-22)
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
- http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
- http://code.google.com/p/chromium/issues/detail?id=116162
- http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b
- https://bugzilla.redhat.com/show_bug.cgi?id=799000
- http://secunia.com/advisories/48485
- http://secunia.com/advisories/48512
- http://secunia.com/advisories/48554
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html
- http://secunia.com/advisories/48320
- http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html
- http://secunia.com/advisories/49660
- http://security.gentoo.org/glsa/glsa-201206-15.xml
- http://www.securitytracker.com/id?1026823
- http://rhn.redhat.com/errata/RHSA-2012-0488.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:033
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html
- http://www.debian.org/security/2012/dsa-2439
- http://rhn.redhat.com/errata/RHSA-2012-0407.html
- http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
NAME
Tk::Event - ToolKit for Events
SYNOPSIS
use Tk::Event;
Tk::Event->fileevent(\*FH, 'readable' => callback);
Tk::Event->lineavail(\*FH, callback);
use Tk::Event::Signal qw(INT);
$SIG{'INT'} = callback;
use Tk::Event::process;
Tk::Event->proc($pid, callback);
QueueEvent(callback [, position])DESCRIPTION
That is better than nothing but still hard to use. Most scripts want higher level result (a line, a "block" of data etc.)
So it has occured to me that we could use new-ish TIEHANDLE thus:
my $obj = tie SOMEHANDLE,Tk::Event::IO;
while (<SOMEHANDLE>)
{
}Then the READLINE routine registers a callback and looks something like:
sub READLINE
{
my $obj = shift;
Event->io(*$obj,'readable',sub { sysread(*$obj,${*$obj},1,length(${*$obj}) });
my $pos;
while (($pos = index(${*$obj},$/) < 0)
{
DoOneEvent();
}
Event->io(*$obj,'readable',''); # unregister
$pos += length($/);
my $result = substr(${*$obj},0,$pos);
substr(${*$obj},0,$pos) = '';
return $result;
}This is using the scalar part of the glob representing the _inner_ IO as a buffer in which to accumulate chars.
Module Install Instructions
To install Tk, copy and paste the appropriate command in to your terminal.
cpanm Tkperl -MCPAN -e shell
install TkFor more information on module installation, please visit the detailed CPAN module installation guide.