Description:
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Security Fix(es):
* libtiff: heap Buffer overflows in tiffcrop.c (CVE-2022-3570)
* libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix (CVE-2022-3597)
* libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c (CVE-2022-3598)
* libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c (CVE-2022-3599)
* libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c (CVE-2022-3626)
* libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (CVE-2022-3627)
* libtiff: integer overflow in function TIFFReadRGBATileExt of the file (CVE-2022-3970)
* libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c (CVE-2022-4645)
* libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value (CVE-2023-30774)
* libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c (CVE-2023-30775)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libtiff-4.4.0-7.el9.aarch64.rpm |
79bbf766ab9dc045e2b34071ec0f3a267df01a30b320e507a0d0521a9eb49235 |
| aarch64 |
libtiff-devel-4.4.0-7.el9.aarch64.rpm |
d870881416f786435bb98602df21f1b943efdb29e53e521c6c2dd37eca19354a |
| aarch64 |
libtiff-tools-4.4.0-7.el9.aarch64.rpm |
e0b9e73f23a55e29ec12618866cb78170a1090e137c4e0dcce9e3eb8de8b8018 |
| i686 |
libtiff-devel-4.4.0-7.el9.i686.rpm |
2125e73787c744185ff33e47b658d13e55738fbc5e9d5350c6f87a8959e0b157 |
| i686 |
libtiff-4.4.0-7.el9.i686.rpm |
e32a171db1e8c4664a9e660207c7724b47ea6d11a7fa4d4669b5876d4a635026 |
| ppc64le |
libtiff-tools-4.4.0-7.el9.ppc64le.rpm |
86ce6a165eec788a50cf682488457711b70758614643fb22ec68f4c71556a612 |
| ppc64le |
libtiff-4.4.0-7.el9.ppc64le.rpm |
f2f2beb42c12b65ce6acc08a06eb51d43bad12a39a2de0b194f8bb95e7c18e6a |
| ppc64le |
libtiff-devel-4.4.0-7.el9.ppc64le.rpm |
fcf6519b024a39ce2cf788b5da80bf4e2f45cf7ec1605c040a153c50d0b7312c |
| s390x |
libtiff-4.4.0-7.el9.s390x.rpm |
19a9588547a812a42d91731b9073e6904369d44ad47a99ae236de73a8caf09ec |
| s390x |
libtiff-devel-4.4.0-7.el9.s390x.rpm |
e7974857a21e3399a29aa3678f4322edd951c2353d162234b764f19375c48317 |
| s390x |
libtiff-tools-4.4.0-7.el9.s390x.rpm |
fac38976e09b7e688131f7c718c2caf7437b33d044f0d60cc601f36ff88f0660 |
| x86_64 |
libtiff-4.4.0-7.el9.x86_64.rpm |
54f8ea104d7c1383da191fb19f57b18aaae6fbb3e08447c08c1fbb4b7c953714 |
| x86_64 |
libtiff-tools-4.4.0-7.el9.x86_64.rpm |
c53b1fc03d4d95e58f791d7624fee64a57a7b31de7473f176f0db0f93c21777b |
| x86_64 |
libtiff-devel-4.4.0-7.el9.x86_64.rpm |
e785b42887ff5bcaa9c1d3d9ea013e72332e41e16a8b77360118a70cfba60d8c |
