RHSA-2023:6575 - Security Advisory - Synopsis: Moderate: libtiff security update - Type/Severity: Moderate - Topic: An update for libtiff is now available for Red Hat Enterprise Linux 9. - Description: Multiple security flaws were found in the libtiff library. - CVEs: - CVE-2023-2731 (null pointer dereference in LZWDecode()) - CVE-2023-3316 (null pointer dereference in TIFFClose()) - CVE-2023-3576 (memory leak in tiffcrop.c) - CVE-2023-26965 (heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c) - CVE-2023-26966 (Buffer Overflow in uv_encode()) - Affected Products: Multiple versions of Red Hat Enterprise Linux and Red Hat CodeReady Linux Builder for various architectures. - Solution: Refer to the Red Hat advisory for detailed update instructions. - References: Links to Red Hat Security updates and classification.