From ${URL} : In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. Upstream bug: http://bugzilla.maptools.org/show_bug.cgi?id=2706 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
tiff-4.0.9 is in the tree https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1d2499873abf8a233ea9517dc9eade5c6102da32
cleanup will occur in bug 624696 GLSA Vote: No