Red Hat Product Errata RHSA-2025:17740 - Security Advisory
Issued:
2025-10-13
Updated:
2025-10-13

RHSA-2025:17740 - Security Advisory

Synopsis

Important: compat-libtiff3 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-libtiff3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF (Tagged Image File Format) image format files. This version should be used only if you are unable to use the current version of libtiff.

Security Fix(es):

  • libtiff: Libtiff Write-What-Where (CVE-2025-9900)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2392784 - CVE-2025-9900 libtiff: Libtiff Write-What-Where

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.1.src.rpm SHA-256: 71dd06e64facb0d8bd9d0c89a7e29cc602a49cbb6d85871fbdfa93bdf86cd48a
x86_64
compat-libtiff3-3.9.4-13.el8_8.1.i686.rpm SHA-256: a3b77f5fa1e81a1e80b473183ce96adb6b37b38634cbbb06706372bcfac927dc
compat-libtiff3-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: dc235ee3a02b147f0a0f5a8d22769f05a845b0d53a32a1a8be2800f0f70376a8
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.i686.rpm SHA-256: 88b5b8b7000055841ecaf00b0f57bc1324320d515c2bb0ccd040f69f6a47ef29
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: 34907737b82a80d6e1612133538918b67a9e53926014a97f508c1ab43a72375d
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.i686.rpm SHA-256: 4eba2586eaaa508a04369d11c962739b408d327666e210f944b7f45c2fd26348
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: d874d40c85d75dafdf3b488398b4d333eefe6123f2da67d8b64b5cb6c3bb4751

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.1.src.rpm SHA-256: 71dd06e64facb0d8bd9d0c89a7e29cc602a49cbb6d85871fbdfa93bdf86cd48a
x86_64
compat-libtiff3-3.9.4-13.el8_8.1.i686.rpm SHA-256: a3b77f5fa1e81a1e80b473183ce96adb6b37b38634cbbb06706372bcfac927dc
compat-libtiff3-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: dc235ee3a02b147f0a0f5a8d22769f05a845b0d53a32a1a8be2800f0f70376a8
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.i686.rpm SHA-256: 88b5b8b7000055841ecaf00b0f57bc1324320d515c2bb0ccd040f69f6a47ef29
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: 34907737b82a80d6e1612133538918b67a9e53926014a97f508c1ab43a72375d
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.i686.rpm SHA-256: 4eba2586eaaa508a04369d11c962739b408d327666e210f944b7f45c2fd26348
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: d874d40c85d75dafdf3b488398b4d333eefe6123f2da67d8b64b5cb6c3bb4751

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.1.src.rpm SHA-256: 71dd06e64facb0d8bd9d0c89a7e29cc602a49cbb6d85871fbdfa93bdf86cd48a
ppc64le
compat-libtiff3-3.9.4-13.el8_8.1.ppc64le.rpm SHA-256: 7827a3b0968e7995e0438cacf924a8f87ec0d3a35c66281dea6f280b444b9efe
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.ppc64le.rpm SHA-256: 26b48ffc73899adf4fc33f3a95254acb5a1c4030c1e669a9b7566495b4f53f25
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.ppc64le.rpm SHA-256: 6263fbb9126bec1a2980681e405f725d85fbae0ccf91436b851f156f35663b64

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.1.src.rpm SHA-256: 71dd06e64facb0d8bd9d0c89a7e29cc602a49cbb6d85871fbdfa93bdf86cd48a
x86_64
compat-libtiff3-3.9.4-13.el8_8.1.i686.rpm SHA-256: a3b77f5fa1e81a1e80b473183ce96adb6b37b38634cbbb06706372bcfac927dc
compat-libtiff3-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: dc235ee3a02b147f0a0f5a8d22769f05a845b0d53a32a1a8be2800f0f70376a8
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.i686.rpm SHA-256: 88b5b8b7000055841ecaf00b0f57bc1324320d515c2bb0ccd040f69f6a47ef29
compat-libtiff3-debuginfo-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: 34907737b82a80d6e1612133538918b67a9e53926014a97f508c1ab43a72375d
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.i686.rpm SHA-256: 4eba2586eaaa508a04369d11c962739b408d327666e210f944b7f45c2fd26348
compat-libtiff3-debugsource-3.9.4-13.el8_8.1.x86_64.rpm SHA-256: d874d40c85d75dafdf3b488398b4d333eefe6123f2da67d8b64b5cb6c3bb4751

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.