Stay Connected:

ELSA-2025-20956

ELSA-2025-20956 - libtiff security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2025-11-25

Description


[4.4.0-15.2]
- fix CVE-2025-8176: tiffdither and tiffmedian skip first line of input
images (RHEL-120239)

[4.4.0-15.1]
- fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented
(RHEL-112545)


Related CVEs


CVE-2025-8176
CVE-2025-9900

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) libtiff-4.4.0-15.el9_7.2.src.rpmf5288b5410307be2100582f32067a699950919e0075d0083a4ec933bf2c441f0-ol9_aarch64_appstream
libtiff-4.4.0-15.el9_7.2.src.rpmf5288b5410307be2100582f32067a699950919e0075d0083a4ec933bf2c441f0-ol9_aarch64_codeready_builder
libtiff-4.4.0-15.el9_7.2.aarch64.rpm8b4ed0968b2040ce45f10d1eb6d25e8782ecf6b6b21a78361c88ea919a427f07-ol9_aarch64_appstream
libtiff-devel-4.4.0-15.el9_7.2.aarch64.rpm307db4ae07d16205014f62934a17a784287341a4eec6d74e7720ede1195c7332-ol9_aarch64_appstream
libtiff-tools-4.4.0-15.el9_7.2.aarch64.rpm48cf00b83ba980617d10f58e54b1ce3d75f10ae52eb91ad00a2d9d9168165ad7-ol9_aarch64_codeready_builder
Oracle Linux 9 (x86_64) libtiff-4.4.0-15.el9_7.2.src.rpmf5288b5410307be2100582f32067a699950919e0075d0083a4ec933bf2c441f0-ol9_x86_64_appstream
libtiff-4.4.0-15.el9_7.2.src.rpmf5288b5410307be2100582f32067a699950919e0075d0083a4ec933bf2c441f0-ol9_x86_64_codeready_builder
libtiff-4.4.0-15.el9_7.2.i686.rpmc3bb23940171d443fc57983578cd58458a13d241c622d7c5bda95a33357b7c45-ol9_x86_64_appstream
libtiff-4.4.0-15.el9_7.2.x86_64.rpm8b4557ff0caedc02ee395179ab0157660fa85ccb95149cd31d9135f1634c6ed9-ol9_x86_64_appstream
libtiff-devel-4.4.0-15.el9_7.2.i686.rpm7fa0d5ef08a2c3ba57608636e7ef73708b13a1cb9764697406e2e9da25faaa66-ol9_x86_64_appstream
libtiff-devel-4.4.0-15.el9_7.2.x86_64.rpm8069ee638e5f1ad1591467706869f9ea6a8507e3d6931218cd8572b12ef2a853-ol9_x86_64_appstream
libtiff-tools-4.4.0-15.el9_7.2.x86_64.rpm4a3564f931ecb91841cd57bfc93a4e2e399f1b69db5ab2ec7b7ef1d37320a5c8-ol9_x86_64_codeready_builder



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights