Issued:: 2025-10-13
Updated:: 2025-10-13

RHSA-2025:17738 - Security Advisory

Overview
Updated Packages

Synopsis

Important: compat-libtiff3 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-libtiff3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF (Tagged Image File Format) image format files. This version should be used only if you are unable to use the current version of libtiff.

Security Fix(es):

libtiff: Libtiff Write-What-Where (CVE-2025-9900)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2392784 - CVE-2025-9900 libtiff: Libtiff Write-What-Where

CVEs

CVE-2025-9900

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
compat-libtiff3-3.9.4-13.el8_2.1.src.rpm	SHA-256: 49ca00c4792853d42869cf0d1b5589343c5d5e95301da6d27c22cea3a7320f98
x86_64
compat-libtiff3-3.9.4-13.el8_2.1.i686.rpm	SHA-256: fd37df14fefee42786fd07e73e43d2082745dc7f9b4ebdc4f0f8d9eb2aabea8f
compat-libtiff3-3.9.4-13.el8_2.1.x86_64.rpm	SHA-256: a7777027bccf9e9c50246fa7f6b05f91486b04a2073c4b45dcf31e6e578b0af6
compat-libtiff3-debuginfo-3.9.4-13.el8_2.1.i686.rpm	SHA-256: 4117260374019d08374fafa1d943fdfd01c673b5d4817f247422fceaa464983e
compat-libtiff3-debuginfo-3.9.4-13.el8_2.1.x86_64.rpm	SHA-256: 2fe008dc1f340761b528d852754028d5ebf80e62d70d6d3b33012f89b55ec74a
compat-libtiff3-debugsource-3.9.4-13.el8_2.1.i686.rpm	SHA-256: 0290e59f7bb63d931e316fdec31aa177b402dbebe28778d9a141ba39efd97add
compat-libtiff3-debugsource-3.9.4-13.el8_2.1.x86_64.rpm	SHA-256: a6dce8312ea3069a250bcb3f4acb82d9c71456c488299c3c6ceec72ffa9bbc29

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation