SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753

Security update for tiff

Type: security

Severity: moderate

Issued: 2025-02-28

Description:

This update for tiff fixes the following issues:

- CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c (bsc#1212607).
- CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213).


Other bugfixes:

- Fixed tiff build issue on s390x as test 12 test_directory fails (bsc#1236834).

References

Packages

tiff-4.7.0-150600.3.8.1