libtiff5 - Tag Image File Format (TIFF) library

Property Value
Distribution Debian 8 (Jessie)
Repository Debian Main i386
Package filename libtiff5_4.0.3-12.3+deb8u5_i386.deb
Package name libtiff5
Package version 4.0.3
Package release 12.3+deb8u5
Package architecture i386
Package type deb
Category libs role::shared-lib works-with-format::tiff
License -
Maintainer Ondřej Surý <>
Download size 225.70 KB
Installed size 585.00 KB
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data.  This package
includes the shared library.


Package Version Architecture Repository
libtiff5_4.0.3-12.3+deb8u5_amd64.deb 4.0.3 amd64 Debian Main
libtiff5 - - -


Name Value
libc6 >= 2.11
libjbig0 >= 2.0
libjpeg62-turbo >= 1.3.1
liblzma5 >= 5.1.1alpha+20120614
multiarch-support -
zlib1g >= 1:1.1.4


Type URL
Binary Package libtiff5_4.0.3-12.3+deb8u5_i386.deb
Source Package tiff

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install libtiff5 deb package:
    # sudo apt-get install libtiff5




2018-01-26 - Moritz Muehlenhoff <>
tiff (4.0.3-12.3+deb8u5) jessie-security; urgency=high
[ Laszlo Boszormenyi (GCS) ]
* Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf
(closes: #868513).
* Fix CVE-2017-12944: OOM prevention in TIFFReadDirEntryArray()
(closes: #872607).
* Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec()
(closes: #873880).
* Fix CVE-2017-13727: reachable assertion abort in
TIFFWriteDirectoryTagSubifd() (closes: #873879).
* Fix CVE-2017-18013: NULL pointer dereference in TIFFPrintDirectory()
(closes: #885985).
* Fix CVE-2017-9935: heap-based buffer overflow in the t2p_write_pdf()
function (closes: #866109).
[ Moritz Muehlenhoff ]
* CVE-2016-10371
2017-07-02 - Laszlo Boszormenyi (GCS) <>
tiff (4.0.3-12.3+deb8u4) jessie-security; urgency=high
* Backport fix for the following vulnerabilities:
- CVE-2017-9403: fix memory leak in non DEFER_STRILE_LOAD mode,
- CVE-2017-9404: memory leak vulnerability was found in the function
- CVE-2016-10095 and CVE-2017-9147: add _TIFFCheckFieldIsValidForCodec()
and use it in TIFFReadDirectory() (closes: #850316, #863185),
- CVE-2017-9936: memory leak in error code path of JBIGDecode()
(closes: #866113),
- prevent out of memory in gtTileContig() on corrupted files,
- CVE-2017-10688, assertion failure in TIFFWriteDirectoryTagCheckedXXXX()
(closes: #866611).
* Add required _TIFFCheckFieldIsValidForCodec@LIBTIFF_4.0 and
_TIFFReadEncodedStripAndAllocBuffer@LIBTIFF_4.0 symbols to the
libtiff5 package.
2017-04-21 - Laszlo Boszormenyi (GCS) <>
tiff (4.0.3-12.3+deb8u3) jessie-security; urgency=high
* Backport fix for the following vulnerabilities:
- CVE-2014-8127 and CVE-2016-3658: out-of-bounds read in the tiffset tool,
- CVE-2016-9535: replace assertions by runtime checks to avoid assertions
in debug mode, or buffer overflows in release mode,
- CVE-2016-10266: divide-by-zero in TIFFReadEncodedStrip,
- CVE-2016-10267: divide-by-zero in OJPEGDecodeRaw,
- CVE-2016-10269: heap-based buffer overflow in _TIFFmemcpy,
- CVE-2016-10270: heap-based buffer overflow in TIFFFillStrip,
- CVE-2017-5225: heap buffer overflow via a crafted BitsPerSample value,
- CVE-2017-7592: left-shift undefined behavior issue in putagreytile,
- CVE-2017-7593: unitialized-memory access from tif_rawdata,
- CVE-2017-7594: leak in OJPEGReadHeaderInfoSecTablesAcTable,
- CVE-2017-7595: divide-by-zero in JPEGSetupEncode,
- CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599,
CVE-2017-7600, CVE-2017-7601 and CVE-2017-7602: multiple UBSAN crashes.
* Add required _TIFFcalloc@LIBTIFF_4.0 symbol to the libtiff5 package.
[ Tobias Lippert <> ]
* Fix a regression introduced by patch CVE-2014-8128-5 where enabling
compression of tif files results in corrupt files
(closes: #783555, #818360).

See Also

Package Description
libtiffxx5_4.0.3-12.3+deb8u5_i386.deb Tag Image File Format (TIFF) library -- C++ interface
libtifiles-dev_1.1.6-3_i386.deb Texas Instruments calculator files library [development files]
libtifiles2-9_1.1.6-3_i386.deb Texas Instruments calculator files library
libtiger-types-java-doc_1.4-1_all.deb Documentation for Type arithmetic library for Java5
libtiger-types-java_1.4-1_all.deb Type arithmetic library for Java5
libtika-java_1.5-1_all.deb Apache Tika - content analysis toolkit
libtiles-java-doc_2.2.2-5_all.deb Java templating framework for web application user interfaces - documentation
libtiles-java_2.2.2-5_all.deb Java templating framework for web application user interfaces
libtimbl4-dev_6.4.4-4_i386.deb Tilburg Memory Based Learner - development
libtimbl4_6.4.4-4_i386.deb Tilburg Memory Based Learner - runtime
libtimblserver3-dev_1.7-4_i386.deb Server extensions for Timbl - development
libtimblserver3_1.7-4_i386.deb Server extensions for Timbl - runtime
libtime-clock-perl_1.01-1_all.deb twenty-four hour clock object with nanosecond precision
libtime-duration-parse-perl_0.11-1_all.deb Parse string that represents time duration
libtime-duration-perl_1.10-1_all.deb module for rounded or exact English expression of durations