An update for libtiff is now available for openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1978 Final 1.0 1.0 2025-08-08 Initial 2025-08-08 2025-08-08 openEuler SA Tool V1.0 2025-08-08 libtiff security update An update for libtiff is now available for openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3 This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff library. Security Fix(es): A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.(CVE-2024-13978) An update for libtiff is now available for openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3. openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Low libtiff https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1978 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-13978 https://nvd.nist.gov/vuln/detail/CVE-2024-13978 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 libtiff-4.3.0-40.oe2203sp4.aarch64.rpm libtiff-debuginfo-4.3.0-40.oe2203sp4.aarch64.rpm libtiff-debugsource-4.3.0-40.oe2203sp4.aarch64.rpm libtiff-devel-4.3.0-40.oe2203sp4.aarch64.rpm libtiff-static-4.3.0-40.oe2203sp4.aarch64.rpm libtiff-tools-4.3.0-40.oe2203sp4.aarch64.rpm libtiff-4.6.0-4.oe2403.aarch64.rpm libtiff-debuginfo-4.6.0-4.oe2403.aarch64.rpm libtiff-debugsource-4.6.0-4.oe2403.aarch64.rpm libtiff-devel-4.6.0-4.oe2403.aarch64.rpm libtiff-static-4.6.0-4.oe2403.aarch64.rpm libtiff-tools-4.6.0-4.oe2403.aarch64.rpm libtiff-4.6.0-4.oe2403sp1.aarch64.rpm libtiff-debuginfo-4.6.0-4.oe2403sp1.aarch64.rpm libtiff-debugsource-4.6.0-4.oe2403sp1.aarch64.rpm libtiff-devel-4.6.0-4.oe2403sp1.aarch64.rpm libtiff-static-4.6.0-4.oe2403sp1.aarch64.rpm libtiff-tools-4.6.0-4.oe2403sp1.aarch64.rpm libtiff-4.6.0-4.oe2403sp2.aarch64.rpm libtiff-debuginfo-4.6.0-4.oe2403sp2.aarch64.rpm libtiff-debugsource-4.6.0-4.oe2403sp2.aarch64.rpm libtiff-devel-4.6.0-4.oe2403sp2.aarch64.rpm libtiff-static-4.6.0-4.oe2403sp2.aarch64.rpm libtiff-tools-4.6.0-4.oe2403sp2.aarch64.rpm libtiff-4.3.0-26.oe2003sp4.aarch64.rpm libtiff-debuginfo-4.3.0-26.oe2003sp4.aarch64.rpm libtiff-debugsource-4.3.0-26.oe2003sp4.aarch64.rpm libtiff-devel-4.3.0-26.oe2003sp4.aarch64.rpm libtiff-4.3.0-40.oe2203sp3.aarch64.rpm libtiff-debuginfo-4.3.0-40.oe2203sp3.aarch64.rpm libtiff-debugsource-4.3.0-40.oe2203sp3.aarch64.rpm libtiff-devel-4.3.0-40.oe2203sp3.aarch64.rpm libtiff-static-4.3.0-40.oe2203sp3.aarch64.rpm libtiff-tools-4.3.0-40.oe2203sp3.aarch64.rpm libtiff-4.3.0-40.oe2203sp4.src.rpm libtiff-4.6.0-4.oe2403.src.rpm libtiff-4.6.0-4.oe2403sp1.src.rpm libtiff-4.6.0-4.oe2403sp2.src.rpm libtiff-4.3.0-26.oe2003sp4.src.rpm libtiff-4.3.0-40.oe2203sp3.src.rpm libtiff-4.3.0-40.oe2203sp4.x86_64.rpm libtiff-debuginfo-4.3.0-40.oe2203sp4.x86_64.rpm libtiff-debugsource-4.3.0-40.oe2203sp4.x86_64.rpm libtiff-devel-4.3.0-40.oe2203sp4.x86_64.rpm libtiff-static-4.3.0-40.oe2203sp4.x86_64.rpm libtiff-tools-4.3.0-40.oe2203sp4.x86_64.rpm libtiff-4.6.0-4.oe2403.x86_64.rpm libtiff-debuginfo-4.6.0-4.oe2403.x86_64.rpm libtiff-debugsource-4.6.0-4.oe2403.x86_64.rpm libtiff-devel-4.6.0-4.oe2403.x86_64.rpm libtiff-static-4.6.0-4.oe2403.x86_64.rpm libtiff-tools-4.6.0-4.oe2403.x86_64.rpm libtiff-4.6.0-4.oe2403sp1.x86_64.rpm libtiff-debuginfo-4.6.0-4.oe2403sp1.x86_64.rpm libtiff-debugsource-4.6.0-4.oe2403sp1.x86_64.rpm libtiff-devel-4.6.0-4.oe2403sp1.x86_64.rpm libtiff-static-4.6.0-4.oe2403sp1.x86_64.rpm libtiff-tools-4.6.0-4.oe2403sp1.x86_64.rpm libtiff-4.6.0-4.oe2403sp2.x86_64.rpm libtiff-debuginfo-4.6.0-4.oe2403sp2.x86_64.rpm libtiff-debugsource-4.6.0-4.oe2403sp2.x86_64.rpm libtiff-devel-4.6.0-4.oe2403sp2.x86_64.rpm libtiff-static-4.6.0-4.oe2403sp2.x86_64.rpm libtiff-tools-4.6.0-4.oe2403sp2.x86_64.rpm libtiff-4.3.0-26.oe2003sp4.x86_64.rpm libtiff-debuginfo-4.3.0-26.oe2003sp4.x86_64.rpm libtiff-debugsource-4.3.0-26.oe2003sp4.x86_64.rpm libtiff-devel-4.3.0-26.oe2003sp4.x86_64.rpm libtiff-4.3.0-40.oe2203sp3.x86_64.rpm libtiff-debuginfo-4.3.0-40.oe2203sp3.x86_64.rpm libtiff-debugsource-4.3.0-40.oe2203sp3.x86_64.rpm libtiff-devel-4.3.0-40.oe2203sp3.x86_64.rpm libtiff-static-4.3.0-40.oe2203sp3.x86_64.rpm libtiff-tools-4.3.0-40.oe2203sp3.x86_64.rpm libtiff-help-4.3.0-40.oe2203sp4.noarch.rpm libtiff-help-4.6.0-4.oe2403.noarch.rpm libtiff-help-4.6.0-4.oe2403sp1.noarch.rpm libtiff-help-4.6.0-4.oe2403sp2.noarch.rpm libtiff-help-4.3.0-26.oe2003sp4.noarch.rpm libtiff-help-4.3.0-40.oe2203sp3.noarch.rpm A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue. 2025-08-08 CVE-2024-13978 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 Low 2.5 AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L libtiff security update 2025-08-08 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1978