Imager 0.50 Deleted
Security Advisories
CVE-2016-1238
Imager would search the default current directory entry in @INC when searching for file format support modules.
- http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html
- http://www.securitytracker.com/id/1036440
- http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab
- https://rt.perl.org/Public/Bug/Display.html?id=127834
- http://www.securityfocus.com/bid/92136
- http://www.debian.org/security/2016/dsa-3628
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/
- https://security.gentoo.org/glsa/201701-75
- https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html
- https://security.gentoo.org/glsa/201812-07
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html
Fixed version: >=1.006
Severity: high
Reported: 2016-08-02
CVE-2008-1928
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels.
- http://rt.cpan.org/Public/Bug/Display.html?id=35324
- http://imager.perl.org/i/release064/Imager_0_64
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00569.html
- http://www.securityfocus.com/bid/28980
- http://secunia.com/advisories/30030
- http://secunia.com/advisories/30011
- http://www.vupen.com/english/advisories/2008/1387/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41986
Fixed version: >=0.64
Reported: 2008-04-24
CVE-2007-2459
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
- http://imager.perl.org/a/65.html
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://osvdb.org/39846
- http://www.vupen.com/english/advisories/2007/1587
- http://osvdb.org/35470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
Fixed version: >=0.57
Reported: 2007-05-02
When drawing on an image with an alpha channel where the source minimum is greater than zero, Imager would read from beyond the end of a malloc() allocated buffer. In rare circumstances this could lead to some of the source image not being written to the target image, or possibly to a segmentation fault.
Fixed version: >=0.98
Reported: 2014-01-03
Kwalitee Issues
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Imager::API, Imager::APIRef
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- no_stdin_for_prompting
-
Use the prompt() method from ExtUtils::MakeMaker/Module::Build.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Imager, Imager::API, Imager::APIRef, Imager::Color, Imager::Color::Float, Imager::Color::Table, Imager::CountColor, Imager::Expr, Imager::Expr::Assem, Imager::ExtUtils, Imager::Fill, Imager::Filter::DynTest, Imager::Filter::Flines, Imager::Filter::Mandelbrot, Imager::Font, Imager::Font::BBox, Imager::Font::FreeType2, Imager::Font::Image, Imager::Font::Truetype, Imager::Font::Type1, Imager::Font::Win32, Imager::Font::Wrap, Imager::Fountain, Imager::Matrix2d, Imager::Regops, Imager::Transform
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 0.01,0.50,1.002,1.003,1.004,1.005,1.008,1.009,1.010,1.013,1.033
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- meta_yml_has_repository_resource
-
Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Imager | Perl extension for Generating 24 bit Images | 0.50 | metacpan |
Imager::Color | Color handling for Imager. | 1.010 | metacpan |
Imager::Color::Float | Rough floating point sample colour handling | 1.004 | metacpan |
Imager::Color::Table | built-in Imager color table | 1.002 | metacpan |
Imager::CountColor | demonstrates writing a simple function using Imager. | 0.01 | metacpan |
Imager::Expr | implements expression parsing and compilation for the expression evaluation engine used by Imager::transform2() | 1.003 | metacpan |
Imager::Expr::Assem | an assembler for producing code for the Imager register machine | 1.002 | metacpan |
Imager::ExtUtils | functions handy in writing Imager extensions | metacpan | |
Imager::Fill | general fill types | 1.009 | metacpan |
Imager::Filter::DynTest | 0.01 | metacpan | |
Imager::Filter::Flines | dim alternate lines to emulate a video display | 0.01 | metacpan |
Imager::Filter::Mandelbrot | filter that renders the Mandelbrot set. | 0.01 | metacpan |
Imager::Font | Font handling for Imager. | 1.033 | metacpan |
Imager::Font::BBox | objects representing the bounding box of a string. | 1.005 | metacpan |
Imager::Font::FreeType2 | low-level functions for FreeType2 text output | 1.013 | metacpan |
Imager::Font::Image | metacpan | ||
Imager::Font::Truetype | low-level functions for Truetype fonts | 1.010 | metacpan |
Imager::Font::Type1 | low-level functions for Type1 fonts | 1.010 | metacpan |
Imager::Font::Win32 | uses Win32 GDI services for text output | 1.004 | metacpan |
Imager::Font::Wrap | simple wrapped text output | 1.002 | metacpan |
Imager::Fountain | a class for building fountain fills suitable for use by the fountain filter. | 1.005 | metacpan |
Imager::Matrix2d | simple wrapper for matrix construction | 1.008 | metacpan |
Imager::Regops | generated information about the register based VM | metacpan | |
Imager::Transform | a library of register machine image transformations | 1.004 | metacpan |