SUSE-SU-2025:21032-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-202521032-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:21032-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:21032-1
Published
2025-11-19T09:41:55Z
Modified
2026-03-11T07:30:48.033671Z
Summary
Security update for tiff
Details

This update for tiff fixes the following issues:

tiff was updated to 4.7.1:

  • Software configuration changes:

    • Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h.
    • CMake: define WORDS_BIGENDIAN via tif_config.h
    • doc/CMakeLists.txt: remove useless cmake_minimum_required()
    • CMake: fix build with LLVM/Clang 17 (fixes issue #651)
    • CMake: set CMP0074 new policy
    • Set LINKER_LANGUAGE for C targets with C deps
    • Export tiffxx cmake target (fixes issue #674)
    • autogen.sh: Enable verbose wget.
    • configure.ac: Syntax updates for Autoconf 2.71
    • autogen.sh: Re-implement based on autoreconf. Failure to update config.guess/config.sub does not return error (fixes issue #672)
    • CMake: fix CMake 4.0 warning when minimum required version is < 3.10.
    • CMake: Add build option tiff-static (fixes issue #709)
  • Library changes:

    • Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control about emitting warnings for unknown tags. No longer emit warnings about unknown tags by default
    • tif_predict.c: speed-up decompression in some cases.
  • Bug fixes:

    • tif_fax3: For fax group 3 data if no EOL is detected, reading is retried without synchronisation for EOLs. (fixes issue #54)
    • Updating TIFFMergeFieldInfo() with readcount=writecount=0 for FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532)
    • tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in the DNG 1.7 specification
    • TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648)
    • Do not error out on a tag whose tag count value is zero, just issue a warning. Fix parsing a private tag 0x80a6 (fixes issue #647)
    • TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24 (fixes https://github.com/OSGeo/gdal/issues/10875)
    • tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175)
    • Fix writing a Predictor=3 file with non-native endianness
    • _TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds read / nullptr dereference) in case of out-of-memory situation when dealing with custom tags (fixes issue #663)
    • tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal 1 and PlanarConfiguration = Contiguous (fixes issue #26)
    • tif_fax3.c: error out after a number of times end-of-line or unexpected bad code words have been reached. (fixes issue #670)
    • Fix memory leak in TIFFSetupStrips() (fixes issue #665)
    • tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with -DZ_SOLO inflating will fail.
    • Fix memory leak in _TIFFSetDefaultCompressionState. (fixes issue #676)
    • tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if "prediction" is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5)
    • tif_getimage.c: update some integer overflow checks (fixes issue #79)
    • tif_getimage.c: Fix buffer underflow crash for less raster rows at TIFFReadRGBAImageOriented() (fixes issue #704, bsc#1250413, CVE-2025-9900)
    • TIFFReadRGBAImage(): several fixes to avoid buffer overflows.
    • Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative() if HAVE_IEEEFP is not defined. (fixes issue #699)
    • LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker has been found with remaining output bytes (fixes issue #698)
    • TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.
    • TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing tif_rawdata (fixes issue #711)
    • JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid out-of-bounds access (fixes issue #714)
    • tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0. (fixes issue #717)
    • add assert for TIFFReadCustomDirectory infoarray check.
    • ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line were written wrongly. (fixes issue #467)
    • fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649)
    • tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAG_TILEWIDTH (fixes issue #650)
    • tiff2pdf: check hsamp and vsamp for range 1 to 4 to avoid division by zero. Fixes issue #654
    • tiff2pdf: avoid null pointer dereference. (fixes issue #741)
    • Improve non-secure integer overflow check (comparison of division result with multiplicand) under compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba. (fixes issue #546)
    • tiff2rgba: fix some "a partial expression can generate an overflow before it is assigned to a broader type" warnings. (fixes issue #682)
    • tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703)
    • tiffdither: avoid out-of-bounds read identified in issue #733
    • tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707)
    • tiffmedian: close input file. (fixes issue #735)
    • thumbnail: avoid potential out-of-bounds access (fixes issue #715)
    • tiffcrop: close open TIFF files and release allocated buffers before exiting in case of error to avoid memory leaks. (fixes issue #716)
    • tiffcrop: fix double-free and memory leak exposed by issue #721
    • tiffcrop: avoid buffer overflow. (fixes issue #740)
    • tiffcrop: avoid nullptr dereference. (fixes issue #734)
    • tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem to PrintData, which uses it as a divisor or modulus.
    • tiff2ps: check return of TIFFGetField() for TIFFTAG_STRIPBYTECOUNTS and TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718)
    • tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729)
    • tiffcp: fix setting compression level for lossless codecs. (fixes issue #730)
    • raw2tiff: close input file before exit (fixes issue #742)
  • Tools changes:

    • tiffinfo: add a -W switch to warn about unknown tags.
    • tiffdither: process all pages in input TIFF file.
  • Documentation:

    • TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation from 5 (LeftTop) to 8 (LeftBottom) in the raster.
    • TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67)
    • Update "Defining New TIFF Tags" description. (fixes issue #642)
    • Fix return type of TIFFReadEncodedTile()
    • Update the documentation to reflect deprecated typedefs.
    • TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image data and not for IFD data.
    • Update documentation on re-entrancy and thread safety.
    • Remove dead links to the no longer existing Awaresystems web-site.
    • Updating BigTIFF specification and some miscellaneous editions.
    • Replace some last links and remove last todos.
    • Added hints for correct allocation of TIFFYCbCrtoRGB structure and its associated buffers. (fixes issue #681)
    • Added chapter to "Using the TIFF Library" with links to handling multi-page TIFF and custom directories. (fixes issue #43)
    • update TIFFOpen.rst with the return values of mapproc and unmapproc. (fixes issue #12)

Security issues fixed:

  • CVE-2025-8961: Fix segmentation fault via main function of tiffcrop utility [bsc#1248117]
  • CVE-2025-8534: Fix null pointer dereference in function PS_Lvl2page [bsc#1247582]
  • CVE-2025-9165: Fix memory leak reachable through local execution manipulation [bsc#1248330]
  • CVE-2024-13978: Fix null pointer dereference in tiff2pdf [bsc#1247581]
  • CVE-2025-8176: Fix heap use-after-free in tools/tiffmedian.c [bsc#1247108]
  • CVE-2025-8177: Fix possible buffer overflow in tools/thumbnail.c:setrow() [bsc#1247106]

  • Fix TIFFMergeFieldInfo() readcount=writecount=0 (bsc#1243503)

Affected packages

SUSE:Linux Micro 6.2 / tiff

Package

Name
tiff
Purl
pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Micro%206.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.7.1-160000.1.1

Ecosystem specific

{
    "binaries": [
        {
            "libtiff6": "4.7.1-160000.1.1"
        }
    ]
}

Database specific

source
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:21032-1.json"