Tavis Ormandy discovered several vulnerabilities in the TIFF library
that can lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
For the old stable distribution (woody) these problems have been fixed
in version 3.5.5-7woody1.
For the stable distribution (sarge) these problems have been fixed in
version 3.7.2-3sarge1.
The unstable distribution (sid) is not vulnerable to these problems.
We recommend that you upgrade your libtiff packages.