Security Advisories (6)
Imager would search the default current directory entry in @INC when searching for file format support modules.
- https://metacpan.org/dist/Imager/changes
- http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html
- http://www.securitytracker.com/id/1036440
- http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab
- https://rt.perl.org/Public/Bug/Display.html?id=127834
- http://www.securityfocus.com/bid/92136
- http://www.debian.org/security/2016/dsa-3628
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/
- https://security.gentoo.org/glsa/201701-75
- https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html
- https://security.gentoo.org/glsa/201812-07
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels.
- https://metacpan.org/dist/Imager/changes
- http://rt.cpan.org/Public/Bug/Display.html?id=35324
- http://imager.perl.org/i/release064/Imager_0_64
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00569.html
- http://www.securityfocus.com/bid/28980
- http://secunia.com/advisories/30030
- http://secunia.com/advisories/30011
- http://www.vupen.com/english/advisories/2008/1387/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41986
When drawing on an image with an alpha channel where the source minimum is greater than zero, Imager would read from beyond the end of a malloc() allocated buffer. In rare circumstances this could lead to some of the source image not being written to the target image, or possibly to a segmentation fault.
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
- http://imager.perl.org/a/65.html
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://osvdb.org/39846
- http://www.vupen.com/english/advisories/2007/1587
- http://osvdb.org/35470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359661
- http://rt.cpan.org/Public/Bug/Display.html?id=18397
- http://secunia.com/advisories/19575
- http://secunia.com/advisories/19577
- http://www.debian.org/security/2006/dsa-1028
- http://www.securityfocus.com/bid/17415
- http://www.vupen.com/english/advisories/2006/1294
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25717
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359661
- http://rt.cpan.org/Public/Bug/Display.html?id=18397
- http://secunia.com/advisories/19575
- http://secunia.com/advisories/19577
- http://www.debian.org/security/2006/dsa-1028
- http://www.securityfocus.com/bid/17415
- http://www.vupen.com/english/advisories/2006/1294
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25717
"invalid next size" backtrace on use of trim on certain images
NAME
Imager::Font::Truetype - low-level functions for Truetype fontsDESCRIPTION
Imager::Font creates a Imager::Font::Truetype object when asked to create a font object based on a .ttf file.
See Imager::Font to see how to use this type.
This class provides low-level functions that require the caller to perform data validation.
AUTHOR
Addi, Tony
Module Install Instructions
To install Imager, copy and paste the appropriate command in to your terminal.
cpanm Imagerperl -MCPAN -e shell
install ImagerFor more information on module installation, please visit the detailed CPAN module installation guide.