Important: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

RHEL 8 : libtiff (RHSA-2026:19657)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19657 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...

RHEL 9 : libtiff (RHSA-2026:19608)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19608 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...

RHEL 8 : libtiff (RHSA-2026:19659)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19659 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...

RHEL 10 : libtiff (RHSA-2026:19586)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19586 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitra...

SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2026:1965-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1965-1 advisory. This update for tiff fixes the following issue - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile...

RHEL 10 : libtiff (RHSA-2026:19150)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19150 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitra...

ALSA-2026:19150 Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 For more details about the security issues,...

CLSA-2026-1779123410 jq: Fix of 8 CVEs

CVE-2026-40164: randomize hash seed to mitigate hash collision DoS - CVE-2026-40612: limit containment check depth - CVE-2026-41256: fix NUL truncation in program files loaded with -f - CVE-2026-41257: fix signed-int overflow in stackreallocate - CVE-2026-43894: cap numeric literal length to...

Security update for tiff

This update for tiff fixes the following issue CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

SUSE-SU-2026:1965-1 Security update for tiff

This update for tiff fixes the following issue - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411...

SUSE CVE-2026-44636

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

CVE-2026-43907

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

UBUNTU-CVE-2026-44636

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

CVE-2026-43905 OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

CVE-2026-43905

OpenImageIO CVE-2026-43905 affects the JPEG2000 path when built with OpenJPH. In jpeg2000input.cpp:395, buffer size is computed as w * h * ch * buffer_bpp using 32-bit signed arithmetic, so when the product exceeds INT_MAX the result wraps to 0 or a small value. This yields an undersized m_buf an...

CVE-2026-43907

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

libsixel 安全漏洞

Libsixel is a software package developed by Hayaki Saito, which provides encoding/decoding implementations for DEC SIXEL graphics and other conversion programs. Versions of Libsixel 1.8.7-r1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a signed integer overfl...

jq: Signed-int overflow in `stack_reallocate` (jq VM stack)

...

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...