* SECURITY UPDATE: Arbitrary command execution with crafted TIF files.
  * Add debian/patches/tiff2pdf-octal-printf.patch:
    - tools/tiff2pdf.c: Fix buffer overflow due to wrong printf for octal
      signed char (it printed a signed integer, which overflow the buffer and
      was wrong anyway).
    - CVE-2006-2193

--- tiff-3.8.2/tools/tiff2pdf.c	2006-03-21 17:42:51.000000000 +0100
+++ tiff-3.8.2/tools/tiff2pdf.c.fix	2006-06-15 17:00:23.000000000 +0200
@@ -3668,7 +3668,7 @@
 	written += TIFFWriteFile(output, (tdata_t) "(", 1);
 	for (i=0;i<len;i++){
 		if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){
-			sprintf(buffer, "\\%.3o", pdfstr[i]);
+			sprintf(buffer, "\\%.3hho", pdfstr[i]);
 			written += TIFFWriteFile(output, (tdata_t) buffer, 4);
 		} else {
 			switch (pdfstr[i]){