tiff vulnerability in ports?

[Aleksandr Miroslav]

This is perhaps a question for the tiff devs more than anything, but I
noticed that pkg audit has been complaining about libtiff (graphics/tiff)
for some time now.

FreeBSD's VUXML database says anything before 4.0.7 is affected, but
apparently that version hasn't been released yet (according to
http://www.remotesensing.org/libtiff/, the latest stable release is still
4.0.6).

Anyone know what's going on? Is there a release upcoming to fix this?

Thanks,
Alex