A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.
Created libtiff tracking bugs for this issue:
Affects: fedora-all [bug 1630006]
Created mingw-libtiff tracking bugs for this issue:
Affects: epel-7 [bug 1630009]
Affects: fedora-all [bug 1630007]
It seems like the flaw was introduced after libtiff-4.0.9 was released. So this is likely a regression in the unreleased version of libtiff (current git master). Which means that any released versions of the pkg will not be affected.
*** Bug 1677528 has been marked as a duplicate of this bug. ***