Issued:: 2025-11-12
Updated:: 2025-11-12

RHSA-2025:21062 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libtiff security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

libtiff: Libtiff Write-What-Where (CVE-2025-9900)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2392784 - CVE-2025-9900 libtiff: Libtiff Write-What-Where

CVEs

CVE-2025-9900

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libtiff-4.0.9-17.el8_2.1.src.rpm	SHA-256: 1713a7295cf8e0d094510a0c74bf07c7c8336fb8019084aa3da3317b4a07567a
x86_64
libtiff-4.0.9-17.el8_2.1.i686.rpm	SHA-256: 6d02a118c659c507c52aa7b530844de66115bdc46e4f6c8279e8d6cae9679d89
libtiff-4.0.9-17.el8_2.1.x86_64.rpm	SHA-256: e9d25d2289155179b009491f24928100e4c7ea679920932224d0ffedbf8d1ea7
libtiff-debuginfo-4.0.9-17.el8_2.1.i686.rpm	SHA-256: 9be1192f0100a36f3afa48fa69815098a9e77ff682b493959f0f6e6194ebc288
libtiff-debuginfo-4.0.9-17.el8_2.1.x86_64.rpm	SHA-256: 4dbd5c96a298b339b1f10c669d3c12cf0fb5d7d2635833689fac7a74e7721d3f
libtiff-debugsource-4.0.9-17.el8_2.1.i686.rpm	SHA-256: d2d16d33c84ed5618b4cb2bac2bdc36e3d82237de35abc23037898d5b7f84ec9
libtiff-debugsource-4.0.9-17.el8_2.1.x86_64.rpm	SHA-256: 3f82def6e48fba7916b418fedd4c6b01d866ba0fff421e0ed1b22b35cb25f5ec
libtiff-devel-4.0.9-17.el8_2.1.i686.rpm	SHA-256: 3d65795b951a388854cc47eb7a23126ae1cb022bd110de5b21febf4bde5467bd
libtiff-devel-4.0.9-17.el8_2.1.x86_64.rpm	SHA-256: c77c67264a6f14f7607c7baed0534a437a0a726f55c1336d8ab8ea43c4299f85
libtiff-tools-debuginfo-4.0.9-17.el8_2.1.i686.rpm	SHA-256: f89f4cf0230bf8a0ee3e99c3cdd11882d8b3c67b046a612d46be1b8debf62b13
libtiff-tools-debuginfo-4.0.9-17.el8_2.1.x86_64.rpm	SHA-256: cbabede28c7d8c243d87133b5cca0f089b4d61a0d3f127e69fd7d882e457ac86

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation