Announcing the presentation of the module Task::MemManager which facilitates the management of memory for multi-language applications. Will be discussing the module on Dec 18th https://mstdn.science/@ChristosArgyrop/113581044054775371 The presentation will include an application in which the same data was successfully processed in x86_64 Assembly, C and PDL. Surprisingly working with Assembly required the least amount of glue code (gulp).

(in the meantime you can find it in MetaCPAN)

submitted by /u/ReplacementSlight413
[link] [comments]

There is a 13 year old CVE for the CPAN perl module Crypt::DSA which is used as part of Crypt::OpenPGP.

I found it this morning and reported it, to get a reply that a CVE was assigned in 2011 and a patch offered in 2013 but the module has been abandoned by the author and the unpatched version is still on CPAN.

https://rt.cpan.org/Public/Bug/Display.html?id=71421

The flaw only affects platforms without /dev/random and the 2013 offered patch is to just break the module completely for platforms without /dev/random.

Given that Module::Build recommends Module::Signature which needs Crypt::OpenPGP that in turn needs Crypt::DSA it bothers me a bit that the insecure version is still on CPAN and that the only patch I can find breaks Crypt::DSA on Windows and other platforms without /dev/random.

A) Would an actual perl coder with access to a Windows environment for testing mind patching the module to use something like Bytes::Random::Secure that is cryptograpgic quality yet also works on platforms without /dev/random? Honestly I don't even see a need for Crypt::DSA to access /dev/random itself, it should call another plattform-independent library desined to spit out random bytes to get the random bytes it needs.

B) Why is it that a module with a known flaw over 10 years old is still completely unfixed on CPAN, and is there a collection of patches for such issues somewhere that I don't know about that people use to patch old distributions on CPAN that are abandoned but are still needed but have security issues?

submitted by /u/AnymooseProphet
[link] [comments]

I'm a regular user of GIMP in the office and have noticed that it only comes with scheme or python for automation/batch scripts. I've read that perl was once upon a time included. I've scoured the internet looking for guides and information but am finding posts and pages from over 10 years ago which are massively out of date. Is there a modern guide anywhere that can talk me through installing it (if it's still even possible)?

I want to try my hand at perl and translate some of the scheme and python scripts I've written. I know it still works with Imagemagick and excel so I can re-write some of my powershell 7 and bash scripts.

Technically I don't need to do any of this but for some unknown reason I want to give perl a try 😀

submitted by /u/Bullfrog-That
[link] [comments]