commit bdbf9f7551a22073becec5ad1fea1170765da855 Author: Robert Rothenberg Date: Thu Jul 16 18:37:35 2026 +0100 Use Crypt::URandom::MonkeyPatch to override built-in rand (CVE-2026-13082) diff --git a/dist.ini b/dist.ini index 52ab0b1..b33ca5f 100644 --- a/dist.ini +++ b/dist.ini @@ -38,6 +38,7 @@ Image::Magick = 6.66 perl = 5.010 GD = 2.45 +Crypt::URandom::MonkeyPatch = 0 [ExecDir] [ShareDir] diff --git a/lib/GD/SecurityImage.pm b/lib/GD/SecurityImage.pm index 0bb5786..960bc94 100644 --- a/lib/GD/SecurityImage.pm +++ b/lib/GD/SecurityImage.pm @@ -3,6 +3,7 @@ package GD::SecurityImage; use strict; use warnings; use vars qw[@ISA $BACKEND]; +use Crypt::URandom::MonkeyPatch; use GD::SecurityImage::Styles; use Carp qw(croak); use constant RGB_WHITE => ( 255, 255, 255 );