A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/ https://gitlab.com/libtiff/libtiff/-/issues/515
Created iv tracking bugs for this issue: Affects: fedora-all [bug 2216082] Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 2216081] Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 2216083]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6575 https://access.redhat.com/errata/RHSA-2023:6575