Security Advisories (6)
Imager would search the default current directory entry in @INC when searching for file format support modules.
- https://metacpan.org/dist/Imager/changes
- http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html
- http://www.securitytracker.com/id/1036440
- http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab
- https://rt.perl.org/Public/Bug/Display.html?id=127834
- http://www.securityfocus.com/bid/92136
- http://www.debian.org/security/2016/dsa-3628
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/
- https://security.gentoo.org/glsa/201701-75
- https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html
- https://security.gentoo.org/glsa/201812-07
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels.
- https://metacpan.org/dist/Imager/changes
- http://rt.cpan.org/Public/Bug/Display.html?id=35324
- http://imager.perl.org/i/release064/Imager_0_64
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00569.html
- http://www.securityfocus.com/bid/28980
- http://secunia.com/advisories/30030
- http://secunia.com/advisories/30011
- http://www.vupen.com/english/advisories/2008/1387/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41986
When drawing on an image with an alpha channel where the source minimum is greater than zero, Imager would read from beyond the end of a malloc() allocated buffer. In rare circumstances this could lead to some of the source image not being written to the target image, or possibly to a segmentation fault.
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
- http://imager.perl.org/a/65.html
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://osvdb.org/39846
- http://www.vupen.com/english/advisories/2007/1587
- http://osvdb.org/35470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359661
- http://rt.cpan.org/Public/Bug/Display.html?id=18397
- http://secunia.com/advisories/19575
- http://secunia.com/advisories/19577
- http://www.debian.org/security/2006/dsa-1028
- http://www.securityfocus.com/bid/17415
- http://www.vupen.com/english/advisories/2006/1294
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25717
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359661
- http://rt.cpan.org/Public/Bug/Display.html?id=18397
- http://secunia.com/advisories/19575
- http://secunia.com/advisories/19577
- http://www.debian.org/security/2006/dsa-1028
- http://www.securityfocus.com/bid/17415
- http://www.vupen.com/english/advisories/2006/1294
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25717
"invalid next size" backtrace on use of trim on certain images
NAME
Imager::Font::Type1 - low-level functions for Type1 fontsDESCRIPTION
Imager::Font creates a Imager::Font::Type1 object when asked to create a font object based on a .pfb file.
See Imager::Font to see how to use this type.
This class provides low-level functions that require the caller to perform data validation
By default Imager no longer creates the t1lib.log log file. You can re-enable that by calling Imager::init() with the t1log option:
Imager::init(t1log=>1);Currently specific to Imager::Font::Type1, you can use the following flags when drawing text or calculating a bounding box:
- underline
-
Draw the text with an underline.
- overline
-
Draw the text with an overline.
- strikethrough
-
Draw the text with a strikethrough.
Obviously, if you're calculating the bounding box the size of the line is included in the box, and the line isn't drawn :)
AUTHOR
Addi, Tony
Module Install Instructions
To install Imager, copy and paste the appropriate command in to your terminal.
cpanm Imagerperl -MCPAN -e shell
install ImagerFor more information on module installation, please visit the detailed CPAN module installation guide.