Debian Security Advisory DSA 2447-1 (tiff)

Summary
The remote host is missing an update to tiff announced via advisory DSA 2447-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202447-1
Insight
Alexander Gavrun discovered an integer overflow in the TIFF library in the parsing of the TileSize entry, which could result in the execution of arbitrary code if a malformed image is opened. For the stable distribution (squeeze), this problem has been fixed in version 3.9.4-5+squeeze4. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your tiff packages.