Issued:: 2026-05-26
Updated:: 2026-05-26

RHSA-2026:20592 - Security Advisory

Overview
Updated Packages

Synopsis

Important: compat-libtiff3 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-libtiff3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF (Tagged Image File Format) image format files. This version should be used only if you are unable to use the current version of libtiff.

Security Fix(es):

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing (CVE-2026-4775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

BZ - 2450768 - CVE-2026-4775 libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

CVEs

CVE-2026-4775

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.2.src.rpm	SHA-256: 9095155f49b127bad954d208ce5c5363ea843c4c3915b1b0ed253f65fba7a328
x86_64
compat-libtiff3-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 3cdbb271b563d9263e5d8da725fb3fc65af5f0745f47e850a8d22c31827b53b0
compat-libtiff3-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: d65a97c8a1b194c0222443a21a2d183dcdbd3b9065d5d33c5322dbb57bddd438
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 4bb611755626e1d5ec4b500d30a7540c09b1db95d1954e631cd44ca58d1556ad
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: 831b31d46f73b01b5e411985d8dddce46511f1dad217c4675965f2f3f5273c28
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 799f29ae145cf28e232fdcee595e6872eb6bddd48d21f51f0e0c17982b11abca
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: 6b3914e8cca237dbece2763ec87fadd93402e36c378e25f6cc99f31c4a1977df

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.2.src.rpm	SHA-256: 9095155f49b127bad954d208ce5c5363ea843c4c3915b1b0ed253f65fba7a328
x86_64
compat-libtiff3-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 3cdbb271b563d9263e5d8da725fb3fc65af5f0745f47e850a8d22c31827b53b0
compat-libtiff3-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: d65a97c8a1b194c0222443a21a2d183dcdbd3b9065d5d33c5322dbb57bddd438
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 4bb611755626e1d5ec4b500d30a7540c09b1db95d1954e631cd44ca58d1556ad
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: 831b31d46f73b01b5e411985d8dddce46511f1dad217c4675965f2f3f5273c28
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 799f29ae145cf28e232fdcee595e6872eb6bddd48d21f51f0e0c17982b11abca
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: 6b3914e8cca237dbece2763ec87fadd93402e36c378e25f6cc99f31c4a1977df

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.2.src.rpm	SHA-256: 9095155f49b127bad954d208ce5c5363ea843c4c3915b1b0ed253f65fba7a328
ppc64le
compat-libtiff3-3.9.4-13.el8_8.2.ppc64le.rpm	SHA-256: 0fbe9a2c18fb47c22317e45b876532834cc039cc2be447bc2e4e2759a64d4b41
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.ppc64le.rpm	SHA-256: 97c207b71189a6b5da22f6925f74528826515d73843f99931d4a4d5a7211802f
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.ppc64le.rpm	SHA-256: ff308c7868eddeae9847671f98175800e2cf47e6b0f29d1e171d0a61514a0fe1

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
compat-libtiff3-3.9.4-13.el8_8.2.src.rpm	SHA-256: 9095155f49b127bad954d208ce5c5363ea843c4c3915b1b0ed253f65fba7a328
x86_64
compat-libtiff3-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 3cdbb271b563d9263e5d8da725fb3fc65af5f0745f47e850a8d22c31827b53b0
compat-libtiff3-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: d65a97c8a1b194c0222443a21a2d183dcdbd3b9065d5d33c5322dbb57bddd438
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 4bb611755626e1d5ec4b500d30a7540c09b1db95d1954e631cd44ca58d1556ad
compat-libtiff3-debuginfo-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: 831b31d46f73b01b5e411985d8dddce46511f1dad217c4675965f2f3f5273c28
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.i686.rpm	SHA-256: 799f29ae145cf28e232fdcee595e6872eb6bddd48d21f51f0e0c17982b11abca
compat-libtiff3-debugsource-3.9.4-13.el8_8.2.x86_64.rpm	SHA-256: 6b3914e8cca237dbece2763ec87fadd93402e36c378e25f6cc99f31c4a1977df

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation