Several integer overflows and subsequent segfaults when attempting to
compress/decompress gigapixel images.
I'd like to point out that in the announcement of this bug on oss-security , it says:
> integer overflow and subsequent heap corruption in libjpeg-turbo *2.0.3 and earlier*
If that is right, a simple bump to 2.0.3 would not have fixed it in our distro.
I tried to follow the link to NIST, but there it is stated in term of Android versions only, and my eyes glaze over. Sorry, please someone follow up.