Security Advisories (4)
CVE-2007-4769
(2008-01-09)
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
- http://www.postgresql.org/about/news.905
- http://www.securityfocus.com/bid/27163
- http://securitytracker.com/id?1019157
- http://secunia.com/advisories/28359
- http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
- http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
- https://issues.rpath.com/browse/RPL-1768
- http://www.debian.org/security/2008/dsa-1460
- http://www.debian.org/security/2008/dsa-1463
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
- http://www.redhat.com/support/errata/RHSA-2008-0038.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
- http://secunia.com/advisories/28376
- http://secunia.com/advisories/28438
- http://secunia.com/advisories/28437
- http://secunia.com/advisories/28454
- http://secunia.com/advisories/28464
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479
- http://secunia.com/advisories/28455
- http://security.gentoo.org/glsa/glsa-200801-15.xml
- http://secunia.com/advisories/28679
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://secunia.com/advisories/28698
- http://www.redhat.com/support/errata/RHSA-2008-0040.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
- http://secunia.com/advisories/29638
- http://www.vupen.com/english/advisories/2008/1071/references
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://www.vupen.com/english/advisories/2008/0109
- http://www.vupen.com/english/advisories/2008/0061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
- https://usn.ubuntu.com/568-1/
- http://www.securityfocus.com/archive/1/486407/100/0/threaded
- http://www.securityfocus.com/archive/1/485864/100/0/threaded
CVE-2018-25032
(2022-03-25)
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- https://rt.cpan.org/Ticket/Display.html?id=143579
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- http://www.openwall.com/lists/oss-security/2022/03/25/2
- http://www.openwall.com/lists/oss-security/2022/03/26/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://github.com/madler/zlib/issues/605
- https://www.debian.org/security/2022/dsa-5111
- https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/38
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/
CVE-2011-3045
(2012-03-22)
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
- http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
- http://code.google.com/p/chromium/issues/detail?id=116162
- http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b
- https://bugzilla.redhat.com/show_bug.cgi?id=799000
- http://secunia.com/advisories/48485
- http://secunia.com/advisories/48512
- http://secunia.com/advisories/48554
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html
- http://secunia.com/advisories/48320
- http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html
- http://secunia.com/advisories/49660
- http://security.gentoo.org/glsa/glsa-201206-15.xml
- http://www.securitytracker.com/id?1026823
- http://rhn.redhat.com/errata/RHSA-2012-0488.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:033
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html
- http://www.debian.org/security/2012/dsa-2439
- http://rhn.redhat.com/errata/RHSA-2012-0407.html
- http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
CVE-2016-10087
(2017-01-30)
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
- http://www.openwall.com/lists/oss-security/2016/12/30/4
- http://www.openwall.com/lists/oss-security/2016/12/29/2
- http://www.securityfocus.com/bid/95157
- https://security.gentoo.org/glsa/201701-74
- https://usn.ubuntu.com/3712-2/
- https://usn.ubuntu.com/3712-1/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
NAME
Tk::PNG - PNG loader for Tk::Photo
SYNOPSIS
use Tk;
use Tk::PNG;
my $image = $widget->Photo('-format' => 'png', -file => 'something.png');DESCRIPTION
This is an extension for Tk which supplies PNG format loader for Photo image type.
HISTORY
This extension is by default bundled with Perl/Tk since Tk804.
AUTHOR
Nick Ing-Simmons <nick@ing-simmons.net>
SEE ALSO
Module Install Instructions
To install Tk, copy and paste the appropriate command in to your terminal.
cpanm Tkperl -MCPAN -e shell
install TkFor more information on module installation, please visit the detailed CPAN module installation guide.