ELSA-2025-21407

UNKNOWN

ELSA-2025-21407: libtiff security update (IMPORTANT)

Published Dec 1, 2025

Modified 1 months ago

Fix available

[4.0.3-35.0.1]

fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools [Orabug: 38658716]
fix CVE-2025-8177: buffer overflow thumbnail setrow [Orabug: 38658716]
fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented() [Orabug: 38658716]

OracleLinux:7libtiff

Fixed in:

0:4.0.3-35.0.1.el7

OracleLinux:7libtiff-devel

Fixed in:

0:4.0.3-35.0.1.el7

OracleLinux:7libtiff-static

Fixed in:

0:4.0.3-35.0.1.el7

OracleLinux:7libtiff-tools

Fixed in:

0:4.0.3-35.0.1.el7

PublishedDec 1, 2025

ModifiedDec 1, 2025