Oracle Linux Security Advisory ELSA-2025-21407 http://linux.oracle.com/errata/ELSA-2025-21407.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libtiff-4.0.3-35.0.1.el7.i686.rpm libtiff-4.0.3-35.0.1.el7.x86_64.rpm libtiff-devel-4.0.3-35.0.1.el7.i686.rpm libtiff-devel-4.0.3-35.0.1.el7.x86_64.rpm libtiff-static-4.0.3-35.0.1.el7.i686.rpm libtiff-static-4.0.3-35.0.1.el7.x86_64.rpm libtiff-tools-4.0.3-35.0.1.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/libtiff-4.0.3-35.0.1.el7.src.rpm Related CVEs: CVE-2025-8176 CVE-2025-8177 CVE-2025-9900 Description of changes: [4.0.3-35.0.1] - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools [Orabug: 38658716] - fix CVE-2025-8177: buffer overflow thumbnail setrow [Orabug: 38658716] - fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented() [Orabug: 38658716] _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
