/ 
Imager-0.32
River stage three • 115 direct dependents • 134 total dependents
Security Advisories (5)
CVE-2016-1238 (2016-08-02)

Imager would search the default current directory entry in @INC when searching for file format support modules.

CPANSA-Imager-2014-01 (2014-01-03)

When drawing on an image with an alpha channel where the source minimum is greater than zero, Imager would read from beyond the end of a malloc() allocated buffer. In rare circumstances this could lead to some of the source image not being written to the target image, or possibly to a segmentation fault.

CVE-2007-2459 (2007-05-02)

Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.

CVE-2006-0053 (2006-04-10)

Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference.

CVE-2024-53901 (2024-11-17)

"invalid next size" backtrace on use of trim on certain images

Changes for version 0.32

  • Added the getcolorcount method. Fixed interlace handling
  • on png images. Fixed the missing channel count in crop() method. Rewrote most of t1lib database stuff - created color and font classes. T1 stuff is mostly done - TT things were rewritten too and now include most of what is needed for pixmap caching. Added documentation for fonts. Comments have been added to some of the relevant c-routines. Added a copy() function in Imager.xs and a corresponding method name. Changed the underlying data type for the raw XS images from pointers to objects - this will hopefully catch the most basic errors and keep the segfaulting down. This means that all of the underlying XS calls for readjpeg, readgif, readpng and readraw do not take the first parameter any more. Made fixes to keep it not spewing warning on 5.004 perl.
  • If you had any code that didn't use the OO interface ****
  • It will probably not work any longer ****
  • For latest status check the Imager-devel pages: http://www.eecs.umich.edu/~addi/perl/Imager/devel/

Modules

Imager
Perl extension for Generating 24 bit Images

Provides

Imager::Color
in Imager.pm
Imager::Font
in Imager.pm

Other files