Details at $URL.
@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE ID: CVE-2016-10268
Summary: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.
pulled in 4.0.7-r1
This issue was resolved and addressed in
GLSA 201709-27 at https://security.gentoo.org/glsa/201709-27
by GLSA coordinator Aaron Bauman (b-man).