X-Git-Url: http://git.imager.perl.org/imager.git/blobdiff_plain/59fd0c6b029e80008a9db9e96643b7ddd706a5ba..47e4b7d192ed75485d5cf4c58ddccefa00253db1:/Changes

diff --git a/Changes b/Changes
index 4ee4a8be..04289236 100644
--- a/Changes
+++ b/Changes
@@ -1,5 +1,14 @@
 Imager release history.  Older releases can be found in Changes.old
 
+Imager 1.009 - 11 Jan 2019
+============
+
+Critical issue:
+
+ - drawing a filled, anti-aliased circle to the left or right of the
+   image (not within the image at all) would cause a buffer overflow.
+   https://rt.cpan.org/Ticket/Display.html?id=128208
+
 General changes:
 
  - to_paletted() and make_palette() now fail (with an error in
@@ -8,7 +17,12 @@ General changes:
  - map() would corrupt a channel if there was a gap in the arrayref of
    channels.  Detected by Coverity.  CID 185300.
 
-Coverity finally finished a build[1], fix a few problems:
+ - most numeric parameters to the XS implementation now throw an
+   exception if supplied an unoverloaded reference.
+   https://rt.cpan.org/Ticket/Display.html?id=128208
+
+Coverity finally finished a build[1], fixed several of the problems
+found.  Coverity went down before I could finish working through them.
 
 High severity:
 
@@ -118,7 +132,21 @@ Lower severity (according to Coverity):
  - i_img_info() (C API) no longer tries to handle a NULL image object
    pointer.  CID 185298.
 
-[1] The first two build submissions ended up at the end of a ~400
+ - re-work testing for size_t overflow for circle/random
+   super-sampling for fountain fills.  CID 185304.
+
+ - don't check if the unsigned size passed to Imager's malloc wrapper
+   (mymalloc) is negative.  Left from when that parameter was signed.
+   CID 185305.
+
+ - make some types larger and add a cast to prevent integer overflows
+   when calculating a palette with median cut for extraordinarily
+   large images.  CID 185306.
+
+ - don't check if the unsigned size supplied to
+   im_set_image_file_limits() is negative.  CID 185307.
+
+[1] The first two build submissions ended up at the end of a ~400 item
 build queue, and seemed to have been cancelled by Coverity.  A build
 submitted on NYE went through in minutes.
 
@@ -133,6 +161,10 @@ Imager 1.008 - 31 Dec 2018
 
  - added add_type_extensions() class method
 
+ - Imager::Files now links to Imager::Install when discussing
+   appropriate libraries.
+   https://rt.cpan.org/Ticket/Display.html?id=127575
+
 Imager 1.007 - 24 Nov 2018
 ============