Details at $URL. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE ID: CVE-2017-7595 Summary: The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. Published: 2017-04-09T14:59:00.000Z
Fixed in v4.0.8 via https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
This issue was resolved and addressed in GLSA 201709-27 at https://security.gentoo.org/glsa/201709-27 by GLSA coordinator Aaron Bauman (b-man).