The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Denial of Service via crafted TIFF file * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file * libtiff: reachable assertion * libtiff: Out-of-bounds Read error in tiffcp * libtiff: stack-buffer-overflow in tiffcp.c in main * libtiff: out-of-bounds read in _TIFFmemcpy in tif_unix.c * libtiff: heap buffer overflow in extractImageSection * tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag in tif_dirread.c * tiff: Divide By Zero error in tiffcrop * libtiff: heap-buffer-overflow in TIFFReadRawDataStriped in tiffinfo.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.