[ 21:26 antoine  ]

• 426758 UPDATING
• 426758 graphics/tiff/Makefile
• 426758 graphics/tiff/distinfo
• 426758 graphics/tiff/files/patch-CVE-2015-8665_8683
• 426758 graphics/tiff/files/patch-Makefile.in
• 426758 graphics/tiff/files/patch-libtiff_tif__luv.c
• 426758 graphics/tiff/files/patch-libtiff_tif__next.c
• 426758 graphics/tiff/files/patch-libtiff_tif__pixarlog.c
• 426758 graphics/tiff/files/patch-tiffcrop.1
• 426758 graphics/tiff/files/patch-tools_gif2tiff.c

Update to 4.0.7
The following tools are removed from this release: bmp2tiff, gif2tiff,
ras2tiff, rgb2ycbcr and thumbnail.

[ 15:04 rakuco  ]

• 405294 graphics/tiff/Makefile
• 405294 graphics/tiff/files/patch-CVE-2015-8665_8683
• 405294 graphics/tiff/files/patch-libtiff_tif__luv.c
• 405294 graphics/tiff/files/patch-libtiff_tif__next.c

Add fixes for CVE-2015-8665, CVE-2015-8683 and other vulnerabilities.

Besides fixing the two CVEs mentioned above, this change also pulls two
other commits from libtiff upstream fixing other out-of-bounds reads that do
not have corresponding CVEs and were reported directly in libtiff's bug
tracker.

PR:		205923
Approved by:	portmgr (antoine)
Obtained from:	libtiff CVS repository
Security:	b65e4914-b3bc-11e5-8255-5453ed2e2b49
Security:	bd349f7a-b3b9-11e5-8255-5453ed2e2b49