Comment 3 for bug 191204

paolodelbene (ninuxpdb) wrote :

* SECURITY UPDATE: buffer overflow and potential arbitrary code execution
    via crafted GIF image (LP: #191204)
    - debian/patches/cve-2008-0553.diff fix from upstream for
      generic/tkImgGIF.c to validate initialCodeSize
    - http://tktoolkit.cvs.sourceforge.net/tktoolkit/tk/generic/tkImgGIF.c?r1=1.40&r2=1.41
    - CVE-2008-0553

Why must I update when tk8.4 needs a patch? First patch it, and then send it as an update.