<div class="container">
<h1>Security update for tiff</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:20971-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-11-06T11:06:35Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219213">bsc#1219213</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228924">bsc#1228924</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1236834">bsc#1236834</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1243503">bsc#1243503</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247106">bsc#1247106</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247108">bsc#1247108</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247581">bsc#1247581</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247582">bsc#1247582</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248117">bsc#1248117</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248330">bsc#1248330</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1250413">bsc#1250413</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-52356.html">CVE-2023-52356</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-13978.html">CVE-2024-13978</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-7006.html">CVE-2024-7006</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-8176.html">CVE-2025-8176</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-8177.html">CVE-2025-8177</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-8534.html">CVE-2025-8534</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-8961.html">CVE-2025-8961</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-9165.html">CVE-2025-9165</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-9900.html">CVE-2025-9900</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-52356</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.0</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-52356</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-52356</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-13978</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.7</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-13978</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-13978</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">2.0</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-13978</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">2.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-7006</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-7006</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.4</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-7006</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-7006</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8176</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">8.4</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8176</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8176</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">1.9</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8176</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8176</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8177</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.8</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8177</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8177</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">4.8</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8177</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8177</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8534</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">2.0</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8534</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">2.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8534</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">1.1</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8534</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">2.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8961</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.8</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8961</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8961</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">1.9</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-8961</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9165</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.8</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9165</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9165</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">1.1</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9165</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">2.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9900</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">8.5</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9900</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-9900</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">8.8</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Linux Micro 6.1</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves nine vulnerabilities and has two fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for tiff fixes the following issues:</p>
<ul>
<li>Update to 4.7.1:
Security:</li>
<li>CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow() when processing malformed TIFF files (bsc#1247106)</li>
<li>CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108)</li>
<li>CVE-2024-13978: libtiff: Fixed LibTIFF Null Pointer Dereference (bsc#1247581)</li>
<li>CVE-2025-8534: Fixed null pointer dereference in function PS_Lvl2page (bsc#1247582)</li>
<li>CVE-2025-8961: Fixed segmentation fault via main function of tiffcrop utility (bsc#1248117)</li>
<li>CVE-2025-9165: libtiff: Fixed local execution manipulation leading to memory leak (bsc#1248330)</li>
<li>CVE-2025-9900: libtiff: Fixed Write-What-Where via TIFFReadRGBAImageOriented (bsc#1250413)
Software configuration changes:</li>
<li>Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h.</li>
<li>CMake: define WORDS_BIGENDIAN via tif_config.h</li>
<li>doc/CMakeLists.txt: remove useless cmake_minimum_required()</li>
<li>CMake: fix build with LLVM/Clang 17 (fixes issue #651)</li>
<li>CMake: set CMP0074 new policy</li>
<li>Set LINKER_LANGUAGE for C targets with C deps</li>
<li>Export tiffxx cmake target (fixes issue #674)</li>
<li>autogen.sh: Enable verbose wget.</li>
<li>configure.ac: Syntax updates for Autoconf 2.71</li>
<li>autogen.sh: Re-implement based on autoreconf. Failure to update
config.guess/config.sub does not return error (fixes issue #672)</li>
<li>CMake: fix CMake 4.0 warning when minimum required version is < 3.10.</li>
<li>CMake: Add build option tiff-static (fixes issue #709)
Library changes:</li>
<li>Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control
about emitting warnings for unknown tags. No longer emit warnings
about unknown tags by default</li>
<li>tif_predict.c: speed-up decompression in some cases.
Bug fixes:</li>
<li>tif_fax3: For fax group 3 data if no EOL is detected, reading is
retried without synchronisation for EOLs. (fixes issue #54)</li>
<li>Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532)</li>
<li>tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in
the DNG 1.7 specification</li>
<li>TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags
defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648)</li>
<li>Do not error out on a tag whose tag count value is zero, just issue a warning.
Fix parsing a private tag 0x80a6 (fixes issue #647)</li>
<li>TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24 </li>
<li>tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175)</li>
<li>Fix writing a Predictor=3 file with non-native endianness</li>
<li>_TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds</li>
<li>read / nullptr dereference) in case of out-of-memory situation when dealing with
custom tags (fixes issue #663)</li>
<li>tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal 1 and
PlanarConfiguration = Contiguous (fixes issue #26)</li>
<li>tif_fax3.c: error out after a number of times end-of-line or unexpected bad code
words have been reached. (fixes issue #670)</li>
<li>Fix memory leak in TIFFSetupStrips() (fixes issue #665)</li>
<li>tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with
-DZ_SOLO inflating will fail.</li>
<li>Fix memory leak in _TIFFSetDefaultCompressionState. (fixes issue #676)</li>
<li>tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if "prediction"
is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5)</li>
<li>tif_getimage.c: update some integer overflow checks (fixes issue #79)</li>
<li>TIFFReadRGBAImage(): several fixes to avoid buffer overflows.</li>
<li>Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative()
if HAVE_IEEEFP is not defined. (fixes issue #699)</li>
<li>LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker
has been found with remaining output bytes (fixes issue #698)</li>
<li>TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.</li>
<li>TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing
tif_rawdata (fixes issue #711)</li>
<li>JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid
out-of-bounds access (fixes issue #714)</li>
<li>tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit
dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0.
Fixes issue #717</li>
<li>add assert for TIFFReadCustomDirectory infoarray check.</li>
<li>ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line
were written wrongly. (fixes issue #467)</li>
<li>fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where
TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649)</li>
<li>tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAGTILEWIDTH (fixes issue #650)</li>
<li>tiff2pdf: check h_samp and v_samp for range 1 to 4 to avoid division by zero.
Fixes issue #654</li>
<li>tiff2pdf: avoid null pointer dereference. (fixes issue #741)</li>
<li>Improve non-secure integer overflow check (comparison of division result with
multiplicant) at compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba.
Fixes issue #546</li>
<li>tiff2rgba: fix some "a partial expression can generate an overflow before it is
assigned to a broader type" warnings. (fixes issue #682)</li>
<li>tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703)</li>
<li>tiffdither: avoid out-of-bounds read identified in issue #733</li>
<li>tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707)</li>
<li>tiffmedian: close input file. (fixes issue #735)</li>
<li>thumbail: avoid potential out of bounds access (fixes issue #715)</li>
<li>tiffcrop: close open TIFF files and release allocated buffers before exiting in case
of error to avoid memory leaks. (fixes issue #716)</li>
<li>tiffcrop: fix double-free and memory leak exposed by issue #721</li>
<li>tiffcrop: avoid buffer overflow. (fixes issue #740)</li>
<li>tiffcrop: avoid nullptr dereference. (fixes issue #734)</li>
<li>tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem
to PrintData, which uses it as a divisor or modulus.</li>
<li>tiff2ps: check return of TIFFGetFiled() for TIFFTAG_STRIPBYTECOUNTS and
TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718)</li>
<li>tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729)</li>
<li>tiffcp: fix setting compression level for lossless codecs. (fixes issue #730)</li>
<li>raw2tiff: close input file before exit (fixes issue #742)
Tools changes:</li>
<li>tiffinfo: add a -W switch to warn about unknown tags.</li>
<li>tiffdither: process all pages in input TIFF file.
Documentation:</li>
<li>TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation
from 5 (LeftTop) to 8 (LeftBottom) in the raster.</li>
<li>TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67)</li>
<li>Update "Defining New TIFF Tags" description. (fixes issue #642)</li>
<li>Fix return type of TIFFReadEncodedTile()</li>
<li>Update the documentation to reflect deprecated typedefs.</li>
<li>TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image
data and not for IFD data.</li>
<li>Update documentation on re-entrancy and thread safety.</li>
<li>Remove dead links to no more existing Awaresystems web-site.</li>
<li>Updating BigTIFF specification and some miscelaneous editions.</li>
<li>Replace some last links and remove last todos.</li>
<li>Added hints for correct allocation of TIFFYCbCrtoRGB structure and its
associated buffers. (fixes issue #681)</li>
<li>Added chapter to "Using the TIFF Library" with links to handling multi-page TIFF
and custom directories. (fixes issue #43)</li>
<li>
<p>update TIFFOpen.rst with the return values of mapproc and unmapproc. (fixes issue #12)</p>
</li>
<li>
<p>Fix TIFFMergeFieldInfo() read_count=write_count=0 (bsc#1243503)</p>
</li>
<li>Add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to fix FTBFS with cmake4</li>
<li>Add %check section</li>
<li>Remove Group: declarations, no longer used</li>
<li>Use python3-Sphinx instead of %{primary_python}-Sphinx
based on recommendation from python maintainers.</li>
<li>Fixes build issue of man flavor on 15.6</li>
<li>Update test/test_directory.c not to fail on big-endian machines (bsc#1236834).</li>
<li>
<p>Fix versioning of tiff-docs under Recommends</p>
</li>
<li>
<p>Update to 4.7.0:</p>
</li>
<li>This version restores in the default build the availability of
the tools that had been dropped in v4.6.0</li>
<li>Software configuration changes:<ul>
<li>autoconf build: configure.ac: avoid -Werror passed to CFLAGS to interfere with feature detection</li>
<li>autoconf build: fix error when running make clean (fixes issue #630)</li>
<li>autoconf build: back off the minimum required automake version to 1.11</li>
<li>autoconf.ac: fix detection of windows.h for mingw (fixes issue #605)</li>
<li>libtiff-4.pc: Fix Requires.private missing Lerc. It provides a .pc file
starting from version 4 (in autoconf builds, we assume that liblerc is at least version 4)</li>
<li>CMake: Fix TIFF_INCLUDE_DIRS</li>
<li>CMake: MinGW compilers don't need a .def file for shared library</li>
<li>CMake: move libdeflate and Lerc to Requires.private</li>
<li>CMake: enable resource compilation on all Windows.</li>
</ul>
</li>
<li>Library changes:<ul>
<li>Add TIFFOpenOptionsSetMaxCumulatedMemAlloc(). This function complements
TIFFOpenOptionsSetMaxSingleMemAlloc() to define the maximum cumulated memory
allocations in byte, for a given TIFF handle, that libtiff internal memory
allocation functions are allowed. </li>
<li>TIFFWriteDirectory(): Avoid overwriting following data if an IFD is enlarged.</li>
<li>TIFFXYZToRGB: avoid integer overflow (fixes issue #644)</li>
<li>uv_decode() and uv_encode(): avoid potential out-of-bounds array index (fixes issue #645)</li>
<li>Fix cases where tif_curdir is set incorrectly. Fix cases where the current directory number (tif_curdir)
is set inconsistently or incorrectly, depending on the previous history.</li>
<li>TIFFRead[Scanline/EncodedStrip/EncodeTile]: 0-initialize output buffer if setupdecode fails ;
most codecs: zero-initialize (not-yet-written parts of) output buffer if failure (fixes issue #375)</li>
<li>OJPEG: reset subsampling_convert_state=0 in OJPEGPreDecode (fixes issue #183)</li>
<li>ThunderRLE: fix failure when decoding last run. Bug seen with GhostPDL</li>
<li>LERC codec: deal with issues with multi-band PlanarConfig=Contig and NaN values</li>
<li>tif_fax3.c: error out after a number of times end-of-file has been reached (fixes issue #583)</li>
<li>LZW: avoid warning about misaligned address with UBSAN (fixes issue #616)</li>
<li>CVE-2023-52356: Fixed segment fault in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213)</li>
<li>tif_dirread.c: only issue TIFFGetFileSize() for large enough RAM requests</li>
<li>Avoid FPEs (division by zero) in tif_getimage.c.</li>
<li>Avoiding FPE (division by zero) for TIFFhowmany_32() and TIFFhowmany_64() macros by checking for
denominator not zero before macros are executed. (fixes issue #628)</li>
<li>Add non-zero check before division in TIFFComputeStrip()</li>
<li>Fix wrong return of TIFFIsBigTIFF() in case byte-swapping is active</li>
<li>Setting the TIFFFieldInfo field set_field_type should consider field_writecount not field_readcount</li>
<li>Avoid memory leaks when using TIFFCreateDirectory() by releasing the allocated memory in the tif-structure.</li>
<li>For non-terminated ASCII arrays, the buffer is first enlarged before a NULL is set at the end to
avoid deleting the last character. (fixes issue #579)</li>
<li>CVE-2024-7006: Fixed NULL pointer dereference in tif_dirinfo.c (bsc#1228924)</li>
<li>Prevent some out-of-memory attacks (fixes issue #614)</li>
<li>Ensure absolute seeking is forced independent of TIFFReadDirectory success. (fixes issue #618)</li>
<li>tif_dirinfo.c: re-enable TIFFTAG_EP_CFAREPEATPATTERNDIM and TIFFTAG_EP_CFAPATTERN tags (fixes issue #608)</li>
<li>Fix warnings with GCC 14</li>
<li>tif_dir.c: Log source file, line number, and input tif for directory count error (fixes issue #627)</li>
<li>Last usage of get_field_type of TIFFField structure at TIFFWriteDirectorySec() changed to using set_field_type.</li>
<li>tif_jpeg.c/tif_ojpeg.c: remove likely ifdef tricks related to old compilers or unusual setups</li>
<li>Remove _TIFFUInt64ToFloat() and _TIFFUInt64ToDouble()</li>
<li>Remove support for _MSC_VER < 1500.</li>
<li>Use #ifdef _WIN32 to test for Windows, and tiffio.h: remove definition of <strong>WIN32</strong></li>
</ul>
</li>
<li>Documentation:<ul>
<li>Amend manpages for changes in current directory index behaviour</li>
<li>Note on using TIFFFlush() before TIFFClose() to check that the data has been successfully written to the file. (fixes issue #506)</li>
<li>Update TIFF documentation about TIFFOpenOptions.rst and TIFFOpenOptionsSetMaxSingleMemAlloc() usage and some other small fixes</li>
</ul>
</li>
<li>Re-added tools:<ul>
<li>fax2ps</li>
<li>fax2tiff</li>
<li>pal2rgb</li>
<li>ppm2tiff</li>
<li>raw2tiff</li>
<li>rgb2ycbcr (not installed)</li>
<li>thumbnail (not installed)</li>
<li>tiff2bw</li>
<li>tiff2rgba</li>
<li>tiffcmp</li>
<li>tiffcrop</li>
<li>tiffdither</li>
<li>tiffgt</li>
<li>tiffmedian</li>
<li>tiff2ps</li>
<li>tiff2pdf</li>
</ul>
</li>
<li>New/improved functionality:<ul>
<li>tiff2rgba: Add background gradient option for alpha compositing</li>
<li>tiffcp: -i flag restored</li>
</ul>
</li>
<li>Bug fixes for tools:<ul>
<li>tiffcrop: address Coverity scan issues 1605444, 1605445, and 16054</li>
<li>tiffcrop: Apply "Fix heap-buffer-overflow in function extractImageSection"</li>
<li>tiffcrop: fix buffer overflows, use after free (fixes issue #542, issue #550, issue #552)</li>
<li>tiff2pdf: address Coverity scan issues</li>
<li>tiff2pdf: fix inconsistent PLANARCONFIG value for the input and output TIFF</li>
<li>tiff2pdf: fix issue with JPEG restart-interval marker when converting from JPEG-compressed files (fixes issue #539)</li>
<li>tiff2pdf: red and blue were being swapped for RGBA decoding (fixes issue #253)</li>
<li>tiff2pdf: fixes issue #596</li>
<li>thumbnail: address Coverity scan issues</li>
<li>tiffcp: Add check for limitMalloc return to fix Coverity 1603334</li>
<li>tiffcp: preserve TIFFTAG_REFERENCEBLACKWHITE when doing YCbCr JPEG -> YCbCr JPEG</li>
<li>tiffcp: replace PHOTOMETRIC_YCBCR with PHOTOMETRIC_RGB when outputing to compression != JPEG (refs issue #571)</li>
<li>tiffcp: do not copy tags YCBCRCOEFFICIENTS, YCBCRSUBSAMPLING, YCBCRPOSITIONING, REFERENCEBLACKWHITE. Only set YCBCRSUBSAMPLING when generating YCbCr JPEG</li>
<li>tiffcp: Check also codec of input image, not only from output image (fixes issue #606)</li>
<li>Add some basic sanity checks for tiffcp and tiffcrop RGB->YCbCr JPEG conversions.</li>
<li>fax2ps and fax2tiff: memory leak fixes (fixes issue #476)</li>
<li>tiffmedian: memory leak fixes (fixes issue #599)</li>
<li>fax2tiff: fix EOFB interpretation (fixes issue #191)</li>
<li>fax2tiff: fix issue with unreasonable width input (fixes issue #249)</li>
<li>tiffcp and tiffcrop: fixes issue #228</li>
<li>tiff2rgba: fixes issue #469</li>
<li>tiffdither: fixes issue #473</li>
<li>tiffdump: fix wrong printf formatter in error message (Coverity 1472932)</li>
<li>tiffset: avoid false positive Coverity Scan warning on 64-bit builds (Coverity 1518997)</li>
<li>tifcp/tiffset: use correct format specifiers</li>
</ul>
</li>
<li>Changes to contributed and unsupported tools<ul>
<li>contrib/addtiffo: validate return of TIFFWriteEncodedXXXX() calls (Coverity 1024680)</li>
</ul>
</li>
<li>Tools are not built for now due to test failure: <code>FAIL: tiffcp-32bpp-None-jpeg.sh</code></li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Micro 6.1
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-6.1-332=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
<ul>
<li>libtiff6-debuginfo-4.7.1-slfo.1.1_1.1</li>
<li>libtiff6-4.7.1-slfo.1.1_1.1</li>
<li>tiff-debugsource-4.7.1-slfo.1.1_1.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-52356.html">https://www.suse.com/security/cve/CVE-2023-52356.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-13978.html">https://www.suse.com/security/cve/CVE-2024-13978.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-7006.html">https://www.suse.com/security/cve/CVE-2024-7006.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-8176.html">https://www.suse.com/security/cve/CVE-2025-8176.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-8177.html">https://www.suse.com/security/cve/CVE-2025-8177.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-8534.html">https://www.suse.com/security/cve/CVE-2025-8534.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-8961.html">https://www.suse.com/security/cve/CVE-2025-8961.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-9165.html">https://www.suse.com/security/cve/CVE-2025-9165.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-9900.html">https://www.suse.com/security/cve/CVE-2025-9900.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219213">https://bugzilla.suse.com/show_bug.cgi?id=1219213</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228924">https://bugzilla.suse.com/show_bug.cgi?id=1228924</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1236834">https://bugzilla.suse.com/show_bug.cgi?id=1236834</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1243503">https://bugzilla.suse.com/show_bug.cgi?id=1243503</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247106">https://bugzilla.suse.com/show_bug.cgi?id=1247106</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247108">https://bugzilla.suse.com/show_bug.cgi?id=1247108</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247581">https://bugzilla.suse.com/show_bug.cgi?id=1247581</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1247582">https://bugzilla.suse.com/show_bug.cgi?id=1247582</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248117">https://bugzilla.suse.com/show_bug.cgi?id=1248117</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248330">https://bugzilla.suse.com/show_bug.cgi?id=1248330</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1250413">https://bugzilla.suse.com/show_bug.cgi?id=1250413</a>
</li>
</ul>
</div>