Update bundled libjpeg-turbo to version 3.1.3

[ChangeLog][Third-Party Code] libjpeg-turbo was updated to version 3.1.3

Pick-to: 6.11 6.10 6.8 6.5 5.15
Change-Id: Ic402772f54e34082694693e0fc6b61bd0c556825
Reviewed-by: Eskil Abrahamsen Blomfeldt <[email protected]>

5 files changed, 43 insertions, 12 deletions

diff --git a/src/3rdparty/libjpeg/COPYRIGHT.txt b/src/3rdparty/libjpeg/COPYRIGHT.txt
index f5eae868466..ce9d95bfebc 100644
--- a/src/3rdparty/libjpeg/COPYRIGHT.txt
+++ b/src/3rdparty/libjpeg/COPYRIGHT.txt
@@ -1,4 +1,4 @@
-Copyright (C) 2009-2025 D. R. Commander
+Copyright (C) 2009-2024 D. R. Commander
 Copyright (C) 2015, 2020 Google, Inc.
 Copyright (C) 2019-2020 Arm Limited
 Copyright (C) 2015-2016, 2018 Matthieu Darbois
diff --git a/src/3rdparty/libjpeg/ChangeLog.md b/src/3rdparty/libjpeg/ChangeLog.md
index 4bdbf53dd34..17390d80bd0 100644
--- a/src/3rdparty/libjpeg/ChangeLog.md
+++ b/src/3rdparty/libjpeg/ChangeLog.md
@@ -1,3 +1,34 @@
+3.1.3
+=====
+
+### Significant changes relative to 3.1.2:
+
+1. Hardened the TurboJPEG API against hypothetical applications that may
+erroneously call `tj*Compress*()` or `tj*Transform()` with a reused JPEG
+destination buffer pointer while specifying a destination buffer size of 0.
+
+2. Hardened the TurboJPEG API against hypothetical applications that may
+erroneously set `TJPARAM_LOSSLESS` or `TJPARAM_COLORSPACE` prior to calling
+`tj3EncodeYUV*8()` or `tj3CompressFromYUV*8()`.  `tj3EncodeYUV*8()` and
+`tj3CompressFromYUV*8()` now ignore `TJPARAM_LOSSLESS` and
+`TJPARAM_COLORSPACE`.
+
+3. Hardened the TurboJPEG Java API against hypothetical applications that may
+erroneously pass huge X or Y offsets to one of the compression, YUV encoding,
+decompression, or YUV decoding methods, leading to signed integer overflow in
+the JNI wrapper's buffer size checks that rendered those checks ineffective.
+
+4. Fixed an issue in the TurboJPEG Java API whereby
+`TJCompressor.getSourceBuf()` sometimes returned the buffer from a previous
+invocation of `TJCompressor.loadSourceImage()` if the target data precision was
+changed before the most recent invocation.
+
+5. Fixed an issue in the PPM reader that caused incorrect pixels to be
+generated when using `tj3LoadImage*()` or `TJCompressor.loadSourceImage()` to
+load a PBMPLUS (PPM/PGM) file into a CMYK buffer with a different data
+precision than that of the file.
+
+
 3.1.2
 =====
 
@@ -962,9 +993,9 @@ storage.
 64-bit libjpeg-turbo SDK for Visual C++ were installed on the same system, only
 one of them could be uninstalled.
 
-2. Fixed a signed integer overflow and subsequent segfault that occurred when
-attempting to decompress images with more than 715827882 pixels using the
-64-bit C version of TJBench.
+2. Fixed a signed integer overflow and subsequent segfault (CVE-2019-2201) that
+occurred when attempting to decompress images with more than 715827882 pixels
+using the 64-bit C version of TJBench.
 
 3. Fixed out-of-bounds write in `tjDecompressToYUV2()` and
 `tjDecompressToYUVPlanes()` (sometimes manifesting as a double free) that
@@ -1016,9 +1047,9 @@ regardless of whether a 4:2:2 JPEG image is rotated or transposed prior to
 decompression (in the frequency domain) or after decompression (in the spatial
 domain), the final image will be similar.
 
-4. Fixed an integer overflow and subsequent segfault that occurred when
-attempting to compress or decompress images with more than 1 billion pixels
-using the TurboJPEG API.
+4. Fixed an integer overflow and subsequent segfault (CVE-2019-2201) that
+occurred when attempting to compress or decompress images with more than 1
+billion pixels using the TurboJPEG API.
 
 5. Fixed a regression introduced by 2.0 beta1[15] whereby attempting to
 generate a progressive JPEG image on an SSE2-capable CPU using a scan script
diff --git a/src/3rdparty/libjpeg/qt_attribution.json b/src/3rdparty/libjpeg/qt_attribution.json
index fe38aec1f68..5ac811a12b4 100644
--- a/src/3rdparty/libjpeg/qt_attribution.json
+++ b/src/3rdparty/libjpeg/qt_attribution.json
@@ -7,8 +7,8 @@
 
     "Description": "The Independent JPEG Group's JPEG software",
     "Homepage": "http://libjpeg-turbo.virtualgl.org/",
-    "Version": "3.1.2",
-    "DownloadLocation": "https://github.com/libjpeg-turbo/libjpeg-turbo/releases/download/3.1.2/libjpeg-turbo-3.1.2.tar.gz",
+    "Version": "3.1.3",
+    "DownloadLocation": "https://github.com/libjpeg-turbo/libjpeg-turbo/releases/download/3.1.3/libjpeg-turbo-3.1.3.tar.gz",
     "PURL": "pkg:github/libjpeg-turbo/libjpeg-turbo@$<VERSION>",
     "CPE": "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:$<VERSION>:*:*:*:*:*:*:*",
 
diff --git a/src/3rdparty/libjpeg/src/jconfig.h b/src/3rdparty/libjpeg/src/jconfig.h
index e81574b9a48..85a1509fb68 100644
--- a/src/3rdparty/libjpeg/src/jconfig.h
+++ b/src/3rdparty/libjpeg/src/jconfig.h
@@ -2,9 +2,9 @@
 
 #define JPEG_LIB_VERSION 80
 
-#define LIBJPEG_TURBO_VERSION 3.0.3
+#define LIBJPEG_TURBO_VERSION 3.1.3
 
-#define LIBJPEG_TURBO_VERSION_NUMBER 3000003
+#define LIBJPEG_TURBO_VERSION_NUMBER 3001003
 
 #define C_ARITH_CODING_SUPPORTED 1
 
diff --git a/src/3rdparty/libjpeg/src/jconfigint.h b/src/3rdparty/libjpeg/src/jconfigint.h
index 6e7dbd75a1e..6d5f9633928 100644
--- a/src/3rdparty/libjpeg/src/jconfigint.h
+++ b/src/3rdparty/libjpeg/src/jconfigint.h
@@ -10,7 +10,7 @@
 
 #define PACKAGE_NAME "libjpeg-turbo"
 
-#define VERSION "3.0.3"
+#define VERSION "3.1.3"
 
 #if SIZE_MAX == 0xffffffff
 #define SIZEOF_SIZE_T 4