diff --git a/backport-CVE-2023-3316.patch b/backport-CVE-2023-3316.patch
new file mode 100644
index 0000000..bbef8da
--- /dev/null
+++ b/backport-CVE-2023-3316.patch
@@ -0,0 +1,56 @@
+From d63de61b1ec3385f6383ef9a1f453e4b8b11d536 Mon Sep 17 00:00:00 2001
+From: Su_Laus <sulau@freenet.de>
+Date: Fri, 3 Feb 2023 17:38:55 +0100
+Subject: [PATCH] TIFFClose() avoid NULL pointer dereferencing. fix#515
+
+Closes #515
+
+Reference:https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536
+Conflict:Adaptation Context
+
+---
+ libtiff/tif_close.c | 11 +++++++----
+ tools/tiffcrop.c    |  5 ++++-
+ 2 files changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/libtiff/tif_close.c b/libtiff/tif_close.c
+index 674518a..d1501fa 100644
+--- a/libtiff/tif_close.c
++++ b/libtiff/tif_close.c
+@@ -120,11 +120,14 @@ TIFFCleanup(TIFF* tif)
+ void
+ TIFFClose(TIFF* tif)
+ {
+-	TIFFCloseProc closeproc = tif->tif_closeproc;
+-	thandle_t fd = tif->tif_clientdata;
++    if (tif != NULL)
++    {
++        TIFFCloseProc closeproc = tif->tif_closeproc;
++        thandle_t fd = tif->tif_clientdata;
+
+-	TIFFCleanup(tif);
+-	(void) (*closeproc)(fd);
++        TIFFCleanup(tif);
++        (void)(*closeproc)(fd);
++    }
+ }
+ 
+ /* vim: set ts=8 sts=8 sw=8 noet: */
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index 55269d6..3f839d1 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -2553,7 +2553,10 @@ main(int argc, char* argv[])
+       }
+     }
+ 
+-  TIFFClose(out);
++    if (out != NULL)
++    {
++        TIFFClose(out);
++    }
+ 
+   return (0);
+   } /* end main */
+-- 
+2.33.0
diff --git a/libtiff.spec b/libtiff.spec
index 907082b..645e239 100644
--- a/libtiff.spec
+++ b/libtiff.spec
@@ -1,6 +1,6 @@
 Name:           libtiff
 Version:        4.3.0
-Release:        26
+Release:        27
 Summary:        TIFF Library and Utilities
 License:        libtiff
 URL:            https://www.simplesystems.org/libtiff/
@@ -37,6 +37,7 @@ Patch6027:      backport-0002-CVE-2023-0795-0796-0797-0798-0799.patch
 Patch6028:      backport-CVE-2023-0800-0801-0802-0803-0804.patch
 Patch6029:      backport-CVE-2023-2731.patch
 Patch6030:      backport-CVE-2023-26965.patch
+Patch6031:      backport-CVE-2023-3316.patch
 
 Patch9000:	fix-raw2tiff-floating-point-exception.patch
 
@@ -160,6 +161,9 @@ find html -name 'Makefile*' | xargs rm
 %exclude %{_datadir}/html/man/tiffgt.1.html
 
 %changelog
+* Sun Jun 25 2023 zhangpan <zhangpan103@h-partners.com> - 4.3.0-27
+- fix CVE-2023-3316
+
 * Thu Jun 15 2023 zhangpan <zhangpan103@h-partners.com> - 4.3.0-26
 - fix CVE-2023-26965