A security issue has been found in libtiff before 4.0.8, where a crafted TIFF file can trigger an undefined behavior (invalid shift exponent) in JPEGSetupEncode().
A security issue has been found in libtiff before 4.0.8, where a crafted TIFF file can trigger an undefined behavior (invalid shift exponent) in JPEGSetupEncode().
http://seclists.org/oss-sec/2017/q2/39 https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490