OESA-2025-1978
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1978
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-1978.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2025-1978
- Upstream
- Published
- 2025-08-08T11:16:38Z
- Modified
- 2025-08-13T09:18:32.325256Z
- Summary
- libtiff security update
- Details
-
This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff library.
Security Fix(es):
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2preadtiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.(CVE-2024-13978)
- Database specific
{ "severity": "Low" }- References
Affected packages
openEuler:20.03-LTS-SP4
libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/openEuler/libtiff&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.0-26.oe2003sp4
Ecosystem specific
{
"aarch64": [
"libtiff-4.3.0-26.oe2003sp4.aarch64.rpm",
"libtiff-debuginfo-4.3.0-26.oe2003sp4.aarch64.rpm",
"libtiff-debugsource-4.3.0-26.oe2003sp4.aarch64.rpm",
"libtiff-devel-4.3.0-26.oe2003sp4.aarch64.rpm"
],
"src": [
"libtiff-4.3.0-26.oe2003sp4.src.rpm"
],
"noarch": [
"libtiff-help-4.3.0-26.oe2003sp4.noarch.rpm"
],
"x86_64": [
"libtiff-4.3.0-26.oe2003sp4.x86_64.rpm",
"libtiff-debuginfo-4.3.0-26.oe2003sp4.x86_64.rpm",
"libtiff-debugsource-4.3.0-26.oe2003sp4.x86_64.rpm",
"libtiff-devel-4.3.0-26.oe2003sp4.x86_64.rpm"
]
}openEuler:22.03-LTS-SP3
libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/openEuler/libtiff&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.0-40.oe2203sp3
Ecosystem specific
{
"aarch64": [
"libtiff-4.3.0-40.oe2203sp3.aarch64.rpm",
"libtiff-debuginfo-4.3.0-40.oe2203sp3.aarch64.rpm",
"libtiff-debugsource-4.3.0-40.oe2203sp3.aarch64.rpm",
"libtiff-devel-4.3.0-40.oe2203sp3.aarch64.rpm",
"libtiff-static-4.3.0-40.oe2203sp3.aarch64.rpm",
"libtiff-tools-4.3.0-40.oe2203sp3.aarch64.rpm"
],
"src": [
"libtiff-4.3.0-40.oe2203sp3.src.rpm"
],
"noarch": [
"libtiff-help-4.3.0-40.oe2203sp3.noarch.rpm"
],
"x86_64": [
"libtiff-4.3.0-40.oe2203sp3.x86_64.rpm",
"libtiff-debuginfo-4.3.0-40.oe2203sp3.x86_64.rpm",
"libtiff-debugsource-4.3.0-40.oe2203sp3.x86_64.rpm",
"libtiff-devel-4.3.0-40.oe2203sp3.x86_64.rpm",
"libtiff-static-4.3.0-40.oe2203sp3.x86_64.rpm",
"libtiff-tools-4.3.0-40.oe2203sp3.x86_64.rpm"
]
}openEuler:22.03-LTS-SP4
libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/openEuler/libtiff&distro=openEuler-22.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.0-40.oe2203sp4
Ecosystem specific
{
"aarch64": [
"libtiff-4.3.0-40.oe2203sp4.aarch64.rpm",
"libtiff-debuginfo-4.3.0-40.oe2203sp4.aarch64.rpm",
"libtiff-debugsource-4.3.0-40.oe2203sp4.aarch64.rpm",
"libtiff-devel-4.3.0-40.oe2203sp4.aarch64.rpm",
"libtiff-static-4.3.0-40.oe2203sp4.aarch64.rpm",
"libtiff-tools-4.3.0-40.oe2203sp4.aarch64.rpm"
],
"src": [
"libtiff-4.3.0-40.oe2203sp4.src.rpm"
],
"noarch": [
"libtiff-help-4.3.0-40.oe2203sp4.noarch.rpm"
],
"x86_64": [
"libtiff-4.3.0-40.oe2203sp4.x86_64.rpm",
"libtiff-debuginfo-4.3.0-40.oe2203sp4.x86_64.rpm",
"libtiff-debugsource-4.3.0-40.oe2203sp4.x86_64.rpm",
"libtiff-devel-4.3.0-40.oe2203sp4.x86_64.rpm",
"libtiff-static-4.3.0-40.oe2203sp4.x86_64.rpm",
"libtiff-tools-4.3.0-40.oe2203sp4.x86_64.rpm"
]
}openEuler:24.03-LTS
libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/openEuler/libtiff&distro=openEuler-24.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.6.0-4.oe2403sp2
Ecosystem specific
{
"aarch64": [
"libtiff-4.6.0-4.oe2403.aarch64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403.aarch64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403.aarch64.rpm",
"libtiff-devel-4.6.0-4.oe2403.aarch64.rpm",
"libtiff-static-4.6.0-4.oe2403.aarch64.rpm",
"libtiff-tools-4.6.0-4.oe2403.aarch64.rpm",
"libtiff-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-static-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-static-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp2.aarch64.rpm"
],
"src": [
"libtiff-4.6.0-4.oe2403.src.rpm",
"libtiff-4.6.0-4.oe2403sp1.src.rpm",
"libtiff-4.6.0-4.oe2403sp2.src.rpm"
],
"noarch": [
"libtiff-help-4.6.0-4.oe2403.noarch.rpm",
"libtiff-help-4.6.0-4.oe2403sp1.noarch.rpm",
"libtiff-help-4.6.0-4.oe2403sp2.noarch.rpm"
],
"x86_64": [
"libtiff-4.6.0-4.oe2403.x86_64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403.x86_64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403.x86_64.rpm",
"libtiff-devel-4.6.0-4.oe2403.x86_64.rpm",
"libtiff-static-4.6.0-4.oe2403.x86_64.rpm",
"libtiff-tools-4.6.0-4.oe2403.x86_64.rpm",
"libtiff-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-static-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-static-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp2.x86_64.rpm"
]
}openEuler:24.03-LTS-SP1
libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/openEuler/libtiff&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.6.0-4.oe2403sp1
Ecosystem specific
{
"aarch64": [
"libtiff-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-static-4.6.0-4.oe2403sp1.aarch64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp1.aarch64.rpm"
],
"src": [
"libtiff-4.6.0-4.oe2403sp1.src.rpm"
],
"noarch": [
"libtiff-help-4.6.0-4.oe2403sp1.noarch.rpm"
],
"x86_64": [
"libtiff-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-static-4.6.0-4.oe2403sp1.x86_64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp1.x86_64.rpm"
]
}openEuler:24.03-LTS-SP2
libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/openEuler/libtiff&distro=openEuler-24.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.6.0-4.oe2403sp2
Ecosystem specific
{
"aarch64": [
"libtiff-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-static-4.6.0-4.oe2403sp2.aarch64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp2.aarch64.rpm"
],
"src": [
"libtiff-4.6.0-4.oe2403sp2.src.rpm"
],
"noarch": [
"libtiff-help-4.6.0-4.oe2403sp2.noarch.rpm"
],
"x86_64": [
"libtiff-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-debuginfo-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-debugsource-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-devel-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-static-4.6.0-4.oe2403sp2.x86_64.rpm",
"libtiff-tools-4.6.0-4.oe2403sp2.x86_64.rpm"
]
}