bug 134853 contains information on several integer overflows in libtiff. kfax contains its own internal version of libtiff, which is vulnerable to these issues.
removing embargo
This also needs updating for FC3
it's already fixed in KDE 3.3.1. it will be pushed out after the official FC3 release.
Fixed in errata http://www.google.ro/url?sa=t&ct=res&cd=1&url=http%3A//www.linuxsecurity.com/content/view/118856&ei=9E0GQ9X3AaWKiALo0byDDg