Security Advisories (3)
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
- http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
- http://www.postgresql.org/about/news.905
- http://www.securityfocus.com/bid/27163
- http://securitytracker.com/id?1019157
- http://secunia.com/advisories/28359
- http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
- https://issues.rpath.com/browse/RPL-1768
- http://www.debian.org/security/2008/dsa-1460
- http://www.debian.org/security/2008/dsa-1463
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
- http://www.redhat.com/support/errata/RHSA-2008-0038.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
- http://secunia.com/advisories/28376
- http://secunia.com/advisories/28438
- http://secunia.com/advisories/28437
- http://secunia.com/advisories/28454
- http://secunia.com/advisories/28464
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479
- http://secunia.com/advisories/28455
- http://security.gentoo.org/glsa/glsa-200801-15.xml
- http://secunia.com/advisories/28679
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://secunia.com/advisories/28698
- http://www.redhat.com/support/errata/RHSA-2008-0040.html
- http://www.redhat.com/support/errata/RHSA-2008-0134.html
- http://secunia.com/advisories/29070
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:059
- http://secunia.com/advisories/29248
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
- http://secunia.com/advisories/29638
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html
- http://secunia.com/advisories/30535
- http://www.vupen.com/english/advisories/2008/1071/references
- http://www.vupen.com/english/advisories/2008/0109
- http://www.vupen.com/english/advisories/2008/1744
- http://www.vupen.com/english/advisories/2008/0061
- http://rhn.redhat.com/errata/RHSA-2013-0122.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39497
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569
- https://usn.ubuntu.com/568-1/
- http://www.securityfocus.com/archive/1/493080/100/0/threaded
- http://www.securityfocus.com/archive/1/486407/100/0/threaded
- http://www.securityfocus.com/archive/1/485864/100/0/threaded
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
- http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
- http://www.postgresql.org/about/news.905
- http://www.securityfocus.com/bid/27163
- http://securitytracker.com/id?1019157
- http://secunia.com/advisories/28359
- http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
- https://issues.rpath.com/browse/RPL-1768
- http://www.debian.org/security/2008/dsa-1460
- http://www.debian.org/security/2008/dsa-1463
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
- http://www.redhat.com/support/errata/RHSA-2008-0038.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
- http://secunia.com/advisories/28376
- http://secunia.com/advisories/28438
- http://secunia.com/advisories/28437
- http://secunia.com/advisories/28454
- http://secunia.com/advisories/28464
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479
- http://secunia.com/advisories/28455
- http://security.gentoo.org/glsa/glsa-200801-15.xml
- http://secunia.com/advisories/28679
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://secunia.com/advisories/28698
- http://www.redhat.com/support/errata/RHSA-2008-0040.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
- http://secunia.com/advisories/29638
- http://www.vupen.com/english/advisories/2008/1071/references
- http://www.vupen.com/english/advisories/2008/0109
- http://www.vupen.com/english/advisories/2008/0061
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://rhn.redhat.com/errata/RHSA-2013-0122.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39498
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235
- https://usn.ubuntu.com/568-1/
- http://www.securityfocus.com/archive/1/486407/100/0/threaded
- http://www.securityfocus.com/archive/1/485864/100/0/threaded
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
- https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE
- http://www.securityfocus.com/bid/109269
- https://support.f5.com/csp/article/K88124225
- https://support.f5.com/csp/article/K88124225?utm_source=f5support&utm_medium=RSS
- https://security.netapp.com/advisory/ntap-20220506-0003/
NAME
Tk::Xrm - X Resource/Defaults/Options routines that obey the rules.
SYNOPSIS
use Tk;
use Tk::Xrm;DESCRIPTION
Using this modules causes Tk's Option code to be replaced by versions which use routines from <X11/Xresource.h> - i.e. same ones every other X toolkit uses.
Result is that "matching" of name/Class with the options database follows the same rules as other X toolkits. This makes it more predictable, and makes it easier to have a single ~/.Xdefaults file which gives sensible results for both Tk and (say) Motif applications.
BUGS
Currently optionAdd(key => value?, priority?) ignores optional priority completely and just does XrmPutStringResource(). Perhaps it should be more subtle and do XrmMergeDatabases() or XrmCombineDatabase().
This version is a little slower than Tk's re-invention but there is more optimization that can be done.
SEE ALSO
KEYWORDS
database, option, priority, retrieve
Module Install Instructions
To install Tk, copy and paste the appropriate command in to your terminal.
cpanm Tkperl -MCPAN -e shell
install TkFor more information on module installation, please visit the detailed CPAN module installation guide.