Register | Log in

libimager-perl

Perl extension for generating 24-bit images

Choose email to subscribe with

general

source: libimager-perl (main)
version: 1.031+dfsg-1
maintainer: Debian Perl Group (archive) (DMD) (LowNMU)
uploaders: Damyan Ivanov [DMD] – gregor herrmann [DMD] – Dominic Hargreaves [DMD]
arch: any
std-ver: 4.7.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.012+dfsg-1
oldstable: 1.019+dfsg-1
stable: 1.027+dfsg-1
testing: 1.030+dfsg-1
unstable: 1.031+dfsg-1

versioned links

1.012+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.019+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.027+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.030+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.031+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libimager-perl

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2026-8669: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match branch validates Image.Width + Image.Left > SWidth before each DGifGetLine write, but the parallel skip-image branch at imgif.c:790-805 calls DGifGetLine(GifFile, GifRow, Width) with no such check.

Created: 2026-05-15 Last update: 2026-05-16 05:16

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2026-8669: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match branch validates Image.Width + Image.Left > SWidth before each DGifGetLine write, but the parallel skip-image branch at imgif.c:790-805 calls DGifGetLine(GifFile, GifRow, Width) with no such check.

Created: 2026-05-15 Last update: 2026-05-16 05:16

2 security issues in bullseye high

There are 2 open security issues in bullseye.

1 important issue:

CVE-2026-8669: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match branch validates Image.Width + Image.Left > SWidth before each DGifGetLine write, but the parallel skip-image branch at imgif.c:790-805 calls DGifGetLine(GifFile, GifRow, Width) with no such check.

1 issue postponed or untriaged:

CVE-2024-53901: (postponed; to be fixed through a stable update) The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

Created: 2026-05-15 Last update: 2026-05-16 05:16

2 security issues in bookworm high

There are 2 open security issues in bookworm.

1 important issue:

CVE-2026-8669: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match branch validates Image.Width + Image.Left > SWidth before each DGifGetLine write, but the parallel skip-image branch at imgif.c:790-805 calls DGifGetLine(GifFile, GifRow, Width) with no such check.

1 issue left for the package maintainer to handle:

CVE-2024-53901: (needs triaging) The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-11-24 Last update: 2026-05-16 05:16

testing migrations

excuses:
- Migration status for libimager-perl (1.030+dfsg-1 to 1.031+dfsg-1): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Autopkgtest for libimager-perl/1.031+dfsg-1: amd64: Pass, arm64: Pass, i386: Test triggered, loong64: Test triggered, ppc64el: Pass, riscv64: Test triggered, s390x: Test triggered
- ∙ ∙ Autopkgtest for libimager-qrcode-perl/0.035+dfsg-1: amd64: Pass, arm64: Pass, i386: Test triggered, loong64: Test triggered, ppc64el: Pass, riscv64: Test triggered, s390x: Test triggered
- ∙ ∙ Too young, only 1 of 5 days old
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/libi/libimager-perl.html
- ∙ ∙ Reproduced on amd64 - info
- ∙ ∙ Reproduced on arm64 - info
- ∙ ∙ Reproduced on armhf - info
- ∙ ∙ Reproduced on i386 - info
- Not considered

news

[2026-05-15] Accepted libimager-perl 1.031+dfsg-1 (source) into unstable (Samuel Young) (signed by: gregor herrmann)
[2026-04-18] libimager-perl 1.030+dfsg-1 MIGRATED to testing (Debian testing watch)
[2026-04-15] Accepted libimager-perl 1.030+dfsg-1 (source) into unstable (Samuel Young) (signed by: gregor herrmann)
[2025-10-13] libimager-perl 1.029+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-10-10] Accepted libimager-perl 1.029+dfsg-1 (source) into unstable (gregor herrmann)
[2025-10-09] libimager-perl 1.028+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-10-06] Accepted libimager-perl 1.028+dfsg-1 (source) into unstable (gregor herrmann)
[2025-03-19] libimager-perl 1.027+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-03-16] Accepted libimager-perl 1.027+dfsg-1 (source) into unstable (gregor herrmann)
[2024-11-25] libimager-perl 1.025+dfsg-1 MIGRATED to testing (Debian testing watch)
[2024-11-23] Accepted libimager-perl 1.025+dfsg-1 (source) into unstable (gregor herrmann)
[2024-09-17] libimager-perl 1.024+dfsg-2 MIGRATED to testing (Debian testing watch)
[2024-09-15] Accepted libimager-perl 1.024+dfsg-2 (source) into unstable (gregor herrmann)
[2024-05-03] libimager-perl 1.024+dfsg-1 MIGRATED to testing (Debian testing watch)
[2024-04-13] Accepted libimager-perl 1.024+dfsg-1 (source) into unstable (gregor herrmann)
[2024-01-23] libimager-perl 1.023+dfsg-1 MIGRATED to testing (Debian testing watch)
[2024-01-20] Accepted libimager-perl 1.023+dfsg-1 (source) into unstable (gregor herrmann)
[2023-12-05] libimager-perl 1.022+dfsg-1 MIGRATED to testing (Debian testing watch)
[2023-12-03] Accepted libimager-perl 1.022+dfsg-1 (source) into unstable (gregor herrmann)
[2023-11-20] libimager-perl 1.020+dfsg-1 MIGRATED to testing (Debian testing watch)
[2023-11-17] Accepted libimager-perl 1.020+dfsg-1 (source) into unstable (gregor herrmann)
[2023-07-21] libimager-perl 1.019+dfsg-2 MIGRATED to testing (Debian testing watch)
[2023-07-17] Accepted libimager-perl 1.019+dfsg-2 (source) into unstable (gregor herrmann)
[2022-07-13] libimager-perl 1.019+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-07-09] Accepted libimager-perl 1.019+dfsg-1 (source) into unstable (gregor herrmann)
[2022-06-22] libimager-perl 1.018+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-06-19] Accepted libimager-perl 1.018+dfsg-1 (source) into unstable (gregor herrmann)
[2022-06-18] libimager-perl 1.016+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-06-13] Accepted libimager-perl 1.016+dfsg-1 (source) into unstable (gregor herrmann)
[2022-05-11] libimager-perl 1.015+dfsg-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.029+dfsg-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing