Security Advisories (7)
CVE-2006-4484 (2008-10-01)

Buffer overflow in the LWZReadByte_ function in the GD extension in allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2018-25032 (2022-03-25)

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CVE-2011-3045 (2012-03-22)

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

CVE-2016-10087 (2017-01-30)

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference via vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

NAME

Tk_RestrictEvents - filter and selectively delay X events

SYNOPSIS

#include <tk.h>

Tk_RestrictProc * Tk_RestrictEvents(proc, clientData, prevClientDataPtr)

ARGUMENTS

Tk_RestrictProc *proc (in)

Predicate procedure to call to filter incoming X events. NULL means do not restrict events at all.

ClientData clientData (in)

Arbitrary argument to pass to proc.

ClientData *prevClientDataPtr (out)

Pointer to place to save argument to previous restrict procedure.

DESCRIPTION

This procedure is useful in certain situations where applications are only prepared to receive certain X events. After Tk_RestrictEvents is called, Tk_DoOneEvent (and hence Tk_MainLoop) will filter X input events through proc. Proc indicates whether a given event is to be processed immediately, deferred until some later time (e.g. when the event restriction is lifted), or discarded. Proc is a procedure with arguments and result that match the type Tk_RestrictProc:

typedef Tk_RestrictAction Tk_RestrictProc(
	ClientData clientData,
	XEvent *eventPtr);

The clientData argument is a copy of the clientData passed to Tk_RestrictEvents; it may be used to provide proc with information it needs to filter events. The eventPtr points to an event under consideration. Proc returns a restrict action (enumerated type Tk_RestrictAction) that indicates what Tk_DoOneEvent should do with the event. If the return value is TK_PROCESS_EVENT, then the event will be handled immediately. If the return value is TK_DEFER_EVENT, then the event will be left on the event queue for later processing. If the return value is TK_DISCARD_EVENT, then the event will be removed from the event queue and discarded without being processed.

Tk_RestrictEvents uses its return value and prevClientDataPtr to return information about the current event restriction procedure (a NULL return value means there are currently no restrictions). These values may be used to restore the previous restriction state when there is no longer any need for the current restriction.

There are very few places where Tk_RestrictEvents is needed. In most cases, the best way to restrict events is by changing the bindings with the bind Tcl command or by calling Tk_CreateEventHandler and Tk_DeleteEventHandler from C. The main place where Tk_RestrictEvents must be used is when performing synchronous actions (for example, if you need to wait for a particular event to occur on a particular window but you don't want to invoke any handlers for any other events). The "obvious" solution in these situations is to call XNextEvent or XWindowEvent, but these procedures cannot be used because Tk keeps its own event queue that is separate from the X event queue. Instead, call Tk_RestrictEvents to set up a filter, then call Tk_DoOneEvent to retrieve the desired event(s).
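
The three return values and the save/restore pattern described above, modelled as an added example (not Tk source and not part of this manual page): a toy queue shows that deferred events keep their order, discarded ones disappear, and the previous restriction is put back after a synchronous wait. Event, WaitSpec, Action and every function name are hypothetical stand-ins for the Tk and Xlib types, and discarding a "noise" event type is an assumption of the example.

```c
/* Added model of the process/defer/discard rules; not Tk source code.
 * Event, Action and every function name here are hypothetical stand-ins. */
typedef enum { PROCESS_EVENT, DEFER_EVENT, DISCARD_EVENT } Action;
typedef struct { int type, window; } Event;        /* stand-in for XEvent */
typedef Action RestrictProc(void *clientData, Event *eventPtr);
typedef struct { int type, window, noise; } WaitSpec;

static Event queue[16];             /* toy event queue, oldest first */
static int queued, handled[16], nHandled;
static RestrictProc *curProc; static void *curData; /* NULL proc: unrestricted */

/* Install a filter and hand back the old one so it can be restored. */
RestrictProc *restrict_events(RestrictProc *proc, void *cd, void **prevCd) {
    RestrictProc *prev = curProc;
    *prevCd = curData;
    curProc = proc; curData = cd;
    return prev;
}

void enqueue(int type, int window) { if (queued < 16) queue[queued++] = (Event){ type, window }; }

/* Handle at most one event; returns 1 if a handler ran, 0 otherwise. */
int do_one_event(void) {
    int i = 0, j;
    while (i < queued) {
        Action a = curProc ? curProc(curData, &queue[i]) : PROCESS_EVENT;
        if (a == DEFER_EVENT) { i++; continue; }   /* left on the queue */
        if (a == PROCESS_EVENT && nHandled < 16) handled[nHandled++] = queue[i].type;
        /* processed or discarded: remove slot i, keeping queue order */
        for (queued--, j = i; j < queued; j++) queue[j] = queue[j + 1];
        if (a == PROCESS_EVENT) return 1;
    }
    return 0;
}

/* Filter: the awaited event passes, noise is dropped, the rest waits. */
Action wait_filter(void *clientData, Event *eventPtr) {
    WaitSpec *w = clientData;
    if (eventPtr->type == w->type && eventPtr->window == w->window) return PROCESS_EVENT;
    return eventPtr->type == w->noise ? DISCARD_EVENT : DEFER_EVENT;
}

/* Synchronous wait that restores the previous restriction afterwards. */
int wait_for(WaitSpec *w) {
    void *prevData, *unused;
    RestrictProc *prev = restrict_events(wait_filter, w, &prevData);
    int got = do_one_event();
    restrict_events(prev, prevData, &unused);
    return got;
}
```

Queue a few events with enqueue, call wait_for with the awaited type and window, then call do_one_event until it returns 0 to drain what was deferred.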

KEYWORDS

delay, event, filter, restriction