Stay Connected:

ELSA-2025-21407

ELSA-2025-21407 - libtiff security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2025-12-01

Description


[4.0.3-35.0.1]
- fix CVE-2025-8176: prevent skipping first line in tiffdither and
tiffmedian tools [Orabug: 38658716]
- fix CVE-2025-8177: buffer overflow thumbnail setrow [Orabug: 38658716]
- fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented()
[Orabug: 38658716]


Related CVEs


CVE-2025-8176
CVE-2025-8177
CVE-2025-9900

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) libtiff-4.0.3-35.0.1.el7.src.rpm7a7499e26c31aa4859604d988cd2d88c1841f8414f1f4b9db30c7a5a8d3d9e9d-ol7_x86_64_latest_ELS
libtiff-4.0.3-35.0.1.el7.i686.rpmed30291a113b392590322c637add3ad80836031c73f44d61026be2bc6997db63-ol7_x86_64_latest_ELS
libtiff-4.0.3-35.0.1.el7.x86_64.rpm0ea9ef1754d8a256efa92a482cc28546b3537b8b06bbbca37302279b5624c8a0-ol7_x86_64_latest_ELS
libtiff-devel-4.0.3-35.0.1.el7.i686.rpm39593b1cbc6adb04f190e68b86447345e1769d9007173e11924b7376151c20f5-ol7_x86_64_latest_ELS
libtiff-devel-4.0.3-35.0.1.el7.x86_64.rpmee1eb589ce58d473dbb0c838f9713205b762ee67e3aed7fe4984a0d8ad2c2433-ol7_x86_64_latest_ELS
libtiff-static-4.0.3-35.0.1.el7.i686.rpmb0fd04851fbe6d1b1fda85ac49fd9516521e5270c6c0b7f0e5d933908b57f37b-ol7_x86_64_latest_ELS
libtiff-static-4.0.3-35.0.1.el7.x86_64.rpm0a329939d151681a8cfe0ad3025ff39c3db7eb3da37e38d7daf02bb2cdf0e62c-ol7_x86_64_latest_ELS
libtiff-tools-4.0.3-35.0.1.el7.x86_64.rpma4ff5ef46f3b0179aa7d95ed65f1e02a0ea1bcf46e0b8d4a76905d0807bb35ea-ol7_x86_64_latest_ELS



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights