Details at $URL.
@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE ID: CVE-2017-7595
Summary: The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
Fixed in v4.0.8 via https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
This issue was resolved and addressed in
GLSA 201709-27 at https://security.gentoo.org/glsa/201709-27
by GLSA coordinator Aaron Bauman (b-man).