package: src:tiff3 severity: grave version: 3.9.6-11 tag: security The tiff package has had multiple security issues recently. tiff3, being an old version, is also affected by a subset of them, of which I haven't fully checked yet: https://security-tracker.debian.org/tracker/source-package/tiff
It is however clear that tiff3 is affected by at least CVE-2013-1960 and CVE-2013-1961, but probably a whole lot more: http://bugs.debian.org/706674 http://bugs.debian.org/706675 Please review and help make the situation in unstable better. We will also need to issue a dsa for wheezy. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
