tiff: CVE-2018-5360 same as CVE-2014-8127

CVE-2018-5360 same issue as bug #2500 (SamplesPerPixel changed without
updating SMinSampleValue).

Build a pre-739dcd28 libTIFF with asan and

$ tiffset graphicsmagic_0.tif

and you will get the exact same crash.

undetermined not removed yet since I still have to check again the
fixed Debian version (first official release to ship patch is 4.0.7
but the fix might have been introduced in earlier Debian releases)

see https://sourceforge.net/p/graphicsmagick/bugs/540/ (post awaiting
moderation at the moment)