If they are end users, how would they test the fix before it reaches production code?
If they are testers and they don't test the fix, who the hell closes the bug report?
Since you worry about errors getting introduced by merges, it sounds like you are also missing regression testing.
If you don't do regression testing, and don't verify fixes on the release branch, what the hell is your QA department doing?
I think the theory you are looking for is this:
1: Users report bug.
2: QA verifies the bug on the released code, and also that it exists in the latest development code.
3: Developer fixes bug.
4: QA verifies fix and closes the bug report.
5: Code Freeze. QA does regression testing, and verifies all new fixes still work as intended.
There is no need for a single gatekeeper to do merges. Your developers need to be competent enough that they don't routinely break stuff when merging. If they are not capable of getting a merge right most of the time, you need new developers.