Hi,
we rely on Debian to provide security support for the packages we
ship, so tails-dev is not a relevant place to discuss security issues
in software we ship, unless there's something Tails -specific about
it, e.g. if it is more serious in the context of Tails for some
specific reason.
Anyway, for the record this is:
https://security-tracker.debian.org/tracker/CVE-2016-4971
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827003
… that will be fixed in the next Jessie point-release:
https://release.debian.org/proposed-updates/stable.html
Cheers,
--
intrigeri