{"affected":[{"ecosystem_specific":{"binaries":[{"libtiff-devel":"4.7.1-160000.1.1","libtiff-devel-docs":"4.7.1-160000.1.1","libtiff6":"4.7.1-160000.1.1","tiff":"4.7.1-160000.1.1","tiff-docs":"4.7.1-160000.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"tiff","purl":"pkg:rpm/opensuse/tiff&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.1-160000.1.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libtiff-devel":"4.7.1-160000.1.1","libtiff-devel-docs":"4.7.1-160000.1.1","libtiff6":"4.7.1-160000.1.1","tiff":"4.7.1-160000.1.1","tiff-docs":"4.7.1-160000.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"tiff-man","purl":"pkg:rpm/opensuse/tiff-man&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.1-160000.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for tiff fixes the following issues:\n\ntiff was updated to 4.7.1:\n\n* Software configuration changes:\n\n  * Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h.\n  * CMake: define WORDS_BIGENDIAN via tif_config.h\n  * doc/CMakeLists.txt: remove useless cmake_minimum_required()\n  * CMake: fix build with LLVM/Clang 17 (fixes issue #651)\n  * CMake: set CMP0074 new policy\n  * Set LINKER_LANGUAGE for C targets with C deps\n  * Export tiffxx cmake target (fixes issue #674)\n  * autogen.sh: Enable verbose wget.\n  * configure.ac: Syntax updates for Autoconf 2.71\n  * autogen.sh: Re-implement based on autoreconf. Failure to update\n    config.guess/config.sub does not return error (fixes issue #672)\n  * CMake: fix CMake 4.0 warning when minimum required version is < 3.10.\n  * CMake: Add build option tiff-static (fixes issue #709)\n  Library changes:\n  * Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control\n    about emitting warnings for unknown tags. 
No longer emit warnings\n    about unknown tags by default\n  * tif_predict.c: speed-up decompression in some cases.\n\n* Bug fixes:\n\n  * tif_fax3: For fax group 3 data if no EOL is detected, reading is\n    retried without synchronisation for EOLs. (fixes issue #54)\n  * Updating TIFFMergeFieldInfo() with read_count=write_count=0 for\n    FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532)\n  * tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in\n    the DNG 1.7 specification\n  * TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags\n    defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648)\n  * Do not error out on a tag whose tag count value is zero, just issue a warning.\n    Fix parsing a private tag 0x80a6 (fixes issue #647)\n  * TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24\n    (fixes https://github.com/OSGeo/gdal/issues/10875)\n  * tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175)\n  * Fix writing a Predictor=3 file with non-native endianness\n  * _TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds\n    read / nullptr dereference) in case of out-of-memory situation when dealing with\n    custom tags (fixes issue #663)\n  * tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal to 1 and\n    PlanarConfiguration = Contiguous (fixes issue #26)\n  * tif_fax3.c: error out after a number of times end-of-line or unexpected bad code\n    words have been reached. (fixes issue #670)\n  * Fix memory leak in TIFFSetupStrips() (fixes issue #665)\n  * tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with\n    -DZ_SOLO inflating will fail.\n  * Fix memory leak in _TIFFSetDefaultCompressionState. 
(fixes issue #676)\n  * tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if \"prediction\"\n    is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5)\n  * tif_getimage.c: update some integer overflow checks (fixes issue #79)\n  * tif_getimage.c: Fix buffer underflow crash for less raster rows at\n    TIFFReadRGBAImageOriented() (fixes issue #704, bsc#1250413, CVE-2025-9900)\n  * TIFFReadRGBAImage(): several fixes to avoid buffer overflows.\n  * Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative()\n    if HAVE_IEEEFP is not defined. (fixes issue #699)\n  * LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker\n    has been found with remaining output bytes (fixes issue #698)\n  * TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.\n  * TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing\n    tif_rawdata (fixes issue #711)\n  * JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid\n    out-of-bounds access (fixes issue #714)\n  * tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit\n    dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0.\n    Fixes issue #717\n  * add assert for TIFFReadCustomDirectory infoarray check.\n  * ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line\n    were written wrongly. (fixes issue #467)\n  * fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where\n    TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649)\n  * tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAG_TILEWIDTH (fixes issue #650)\n  * tiff2pdf: check h_samp and v_samp for range 1 to 4 to avoid division by zero.\n    Fixes issue #654\n  * tiff2pdf: avoid null pointer dereference. 
(fixes issue #741)\n  * Improve non-secure integer overflow check (comparison of division result with\n    multiplicand) at compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba.\n    Fixes issue #546\n  * tiff2rgba: fix some \"a partial expression can generate an overflow before it is\n    assigned to a broader type\" warnings. (fixes issue #682)\n  * tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703)\n  * tiffdither: avoid out-of-bounds read identified in issue #733\n  * tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707)\n  * tiffmedian: close input file. (fixes issue #735)\n  * thumbnail: avoid potential out of bounds access (fixes issue #715)\n  * tiffcrop: close open TIFF files and release allocated buffers before exiting in case\n    of error to avoid memory leaks. (fixes issue #716)\n  * tiffcrop: fix double-free and memory leak exposed by issue #721\n  * tiffcrop: avoid buffer overflow. (fixes issue #740)\n  * tiffcrop: avoid nullptr dereference. (fixes issue #734)\n  * tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem\n    to PrintData, which uses it as a divisor or modulus.\n  * tiff2ps: check return of TIFFGetField() for TIFFTAG_STRIPBYTECOUNTS and\n    TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718)\n  * tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729)\n  * tiffcp: fix setting compression level for lossless codecs. 
(fixes issue #730)\n  * raw2tiff: close input file before exit (fixes issue #742)\n  Tools changes:\n  * tiffinfo: add a -W switch to warn about unknown tags.\n  * tiffdither: process all pages in input TIFF file.\n\n* Documentation:\n\n  * TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation\n    from 5 (LeftTop) to 8 (LeftBottom) in the raster.\n  * TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67)\n  * Update \"Defining New TIFF Tags\" description. (fixes issue #642)\n  * Fix return type of TIFFReadEncodedTile()\n  * Update the documentation to reflect deprecated typedefs.\n  * TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image\n    data and not for IFD data.\n  * Update documentation on re-entrancy and thread safety.\n  * Remove dead links to the no longer existing Awaresystems web-site.\n  * Updating BigTIFF specification and some miscellaneous editions.\n  * Replace some last links and remove last todos.\n  * Added hints for correct allocation of TIFFYCbCrtoRGB structure and its\n    associated buffers. (fixes issue #681)\n  * Added chapter to \"Using the TIFF Library\" with links to handling multi-page TIFF\n    and custom directories. (fixes issue #43)\n  * update TIFFOpen.rst with the return values of mapproc and unmapproc. 
(fixes issue #12)\n\nSecurity issues fixed:\n\n  * CVE-2025-8961: Fix segmentation fault via main function of tiffcrop utility [bsc#1248117]\n  * CVE-2025-8534: Fix null pointer dereference in function PS_Lvl2page [bsc#1247582]\n  * CVE-2025-9165: Fix local execution manipulation can lead to memory leak [bsc#1248330]\n  * CVE-2024-13978: Fix null pointer dereference in tiff2pdf [bsc#1247581]\n  * CVE-2025-8176: Fix heap use-after-free in tools/tiffmedian.c [bsc#1247108]\n  * CVE-2025-8177: Fix possible buffer overflow in tools/thumbnail.c:setrow()  [bsc#1247106]\n\n- Fix TIFFMergeFieldInfo() read_count=write_count=0 (bsc#1243503)\n\n","id":"openSUSE-SU-2025-20049-1","modified":"2025-11-19T09:40:24Z","published":"2025-11-19T09:40:24Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1243503"},{"type":"REPORT","url":"https://bugzilla.suse.com/1247106"},{"type":"REPORT","url":"https://bugzilla.suse.com/1247108"},{"type":"REPORT","url":"https://bugzilla.suse.com/1247581"},{"type":"REPORT","url":"https://bugzilla.suse.com/1247582"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248117"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248330"},{"type":"REPORT","url":"https://bugzilla.suse.com/1250413"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-13978"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-8176"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-8177"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-8534"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-8961"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-9165"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-9900"}],"related":["CVE-2024-13978","CVE-2025-8176","CVE-2025-8177","CVE-2025-8534","CVE-2025-8961","CVE-2025-9165","CVE-2025-9900"],"summary":"Security update for 
tiff","upstream":["CVE-2024-13978","CVE-2025-8176","CVE-2025-8177","CVE-2025-8534","CVE-2025-8961","CVE-2025-9165","CVE-2025-9900"]}