In LibTIFF 4.0.9, there is a NULL pointer dereference in the
TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial
of service attack, as demonstrated by tiffset.
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak,
as demonstrated by pal2rgb.