Fedora 42 Update: libtiff Version 4.7.0-6.fc42
An updated version of the libtiff package is now available for Fedora Linux 42, specifically version 4.7.0-6.fc42, which addresses critical security vulnerabilities.
Overview:
- Package Name: libtiff
- Product Version: Fedora 42
- Release Version: 4.7.0-6.fc42
- Website: [libtiff](http://www.simplesystems.org/libtiff/)
- Summary: This package contains a library of functions for manipulating TIFF (Tagged Image File Format) images, which are commonly used for high-quality bitmap images.
Security Fixes:
This update addresses two significant security vulnerabilities:
1. CVE-2025-8176: A use-after-free vulnerability in the tiffmedian function, which could potentially allow for unexpected behavior or crashes.
2. CVE-2025-8177: A buffer overflow vulnerability in the thumbnail setrow function when processing malformed TIFF files, which could lead to data corruption or unauthorized access.
ChangeLog Highlights:
- The latest update was implemented by Michal Hlavinka to fix the use-after-free vulnerability and buffer overflow issues identified in previous versions.
Installation Instructions:
Users are encouraged to update their systems to this new version using the command line:
Security Assurance:
All packages are securely signed with the Fedora Project GPG key. Additional information regarding these keys can be found on the [Fedora Project keys page](https://fedoraproject.org/keys).
Conclusion:
This update is essential for users who work with TIFF image files, as it enhances security and maintains the integrity of the software. Users should ensure they have the latest version installed to protect against potential vulnerabilities
An updated version of the libtiff package is now available for Fedora Linux 42, specifically version 4.7.0-6.fc42, which addresses critical security vulnerabilities.
Overview:
- Package Name: libtiff
- Product Version: Fedora 42
- Release Version: 4.7.0-6.fc42
- Website: [libtiff](http://www.simplesystems.org/libtiff/)
- Summary: This package contains a library of functions for manipulating TIFF (Tagged Image File Format) images, which are commonly used for high-quality bitmap images.
Security Fixes:
This update addresses two significant security vulnerabilities:
1. CVE-2025-8176: A use-after-free vulnerability in the tiffmedian function, which could potentially allow for unexpected behavior or crashes.
2. CVE-2025-8177: A buffer overflow vulnerability in the thumbnail setrow function when processing malformed TIFF files, which could lead to data corruption or unauthorized access.
ChangeLog Highlights:
- The latest update was implemented by Michal Hlavinka to fix the use-after-free vulnerability and buffer overflow issues identified in previous versions.
Installation Instructions:
Users are encouraged to update their systems to this new version using the command line:
bashsu -c 'dnf upgrade --advisory FEDORA-2025-7d08872494'For further details on using the dnf package manager, refer to the [dnf documentation](http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label).
Security Assurance:
All packages are securely signed with the Fedora Project GPG key. Additional information regarding these keys can be found on the [Fedora Project keys page](https://fedoraproject.org/keys).
Conclusion:
This update is essential for users who work with TIFF image files, as it enhances security and maintains the integrity of the software. Users should ensure they have the latest version installed to protect against potential vulnerabilities
Libtiff update for Fedora 42
Updated libtiff packages are available for Fedora Linux 42:
[SECURITY] Fedora 42 Update: libtiff-4.7.0-6.fc42
