A vulnerability has been discovered in tiff3, an older implementation of the libtiff library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. Mishandling the reading of TIFF files has been demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick.
For Debian 7 Wheezy, these problems have been fixed in version 3.9.6-11+deb7u14.
We recommend that you upgrade your tiff3 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/