Description:
The libtiff package is vulnerable to CVE-2022-1354 and CVE-2022-1355. The attached diff adds these two fixes as well as two segmentation fault fixes that are required for the second CVE diff to apply cleanly.

Additional info:
One of the diffs modifies a binary file, so the patch command will refuse to apply it. As a workaround, use "git apply" to apply them. Feel free to do something else if you have a better idea.