“infamous41md” discovered a problem in libtiff, the Tag Image File
Format library for processing TIFF graphics files. Upon reading a
TIFF file it is possible to allocate a zero sized buffer and write to
it which would lead to the execution of arbitrary code.
For the stable distribution (woody) this problem has been fixed in
version 3.5.5-6.woody3.
For the unstable distribution (sid) this problem has been fixed in
version 3.6.1-4.
We recommend that you upgrade your libtiff packages immediately.