compat-libtiff3-3.9.4-15.el8_10
エラータID: AXSA:2026-739:01
The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF (Tagged Image File Format) image format files. This version should be used only if you are unable to use the current version of libtiff.
Security Fix(es):
* libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing (CVE-2026-4775)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-4775
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
Update packages.
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
N/A
SRPMS
- compat-libtiff3-3.9.4-15.el8_10.src.rpm
MD5: a7ca10d577186c57b9233aac14bc88b4
SHA-256: 4cea8d6f912e6468a2fdfeef1a1191142def1aace6f0e7917f429f0c6fb669f4
Size: 1.41 MB
Asianux Server 8 for x86_64
- compat-libtiff3-3.9.4-15.el8_10.i686.rpm
MD5: 0e6700b9e75e8c89737fa383dece0e27
SHA-256: 8eeaf292299624f50534550abcc9d44b5ca47a0b1f7670a051d652451ac6294c
Size: 150.11 kB - compat-libtiff3-3.9.4-15.el8_10.x86_64.rpm
MD5: feaf074a9fc8bef8acba7e3515e6ed55
SHA-256: a5deaf07551bee067e92a15195a344935ee5e0d42be9488ebac7d7b22ee45a3d
Size: 142.75 kB
日本語