Request to register new user
fullname: Horváth, Ákos Péter
userid: HAP
mail: CENSORED
homepage:
why:
I've found a security hole (possibly trojan) in Font::TTFMetrics.
First I tried to contact the author, but his mail address doesn't
work.
I want to upload a fix, and some improvement to the module.
The problem description follows. The font init code (line 271)
starts with this: my $self = shift; my $fh =
$self->get_file_handle(); my $buf = ""; eval { read( $fh, $buf, 12 )
};
This seems... a little bit problematic. Currently I'm on the module
and sometime start to upload a fix. Commenting out the eval doesn't
mess up anything.
bye,
Akos
The following links are only valid for PAUSE maintainers:
Registration form with editing capabilities:
https://pause.perl.org/pause/authenquery?ACTION=add_user&USERID=cb900000_f1f6b3079da3c298&SUBMIT_pause99_add_user_sub=1
Immediate (one click) registration:
https://pause.perl.org/pause/authenquery?ACTION=add_user&USERID=cb900000_f1f6b3079da3c298&SUBMIT_pause99_add_user_Definitely=1
