15 files changed, 76 insertions, 43 deletions
diff --git a/src/3rdparty/libjpeg/COPYRIGHT.txt b/src/3rdparty/libjpeg/COPYRIGHT.txt
index f5eae868466..ce9d95bfebc 100644
--- a/src/3rdparty/libjpeg/COPYRIGHT.txt
+++ b/src/3rdparty/libjpeg/COPYRIGHT.txt
@@ -1,4 +1,4 @@
-Copyright (C) 2009-2025 D. R. Commander
+Copyright (C) 2009-2024 D. R. Commander
 Copyright (C) 2015, 2020 Google, Inc.
 Copyright (C) 2019-2020 Arm Limited
 Copyright (C) 2015-2016, 2018 Matthieu Darbois
diff --git a/src/3rdparty/libjpeg/ChangeLog.md b/src/3rdparty/libjpeg/ChangeLog.md
index 4bdbf53dd34..17390d80bd0 100644
--- a/src/3rdparty/libjpeg/ChangeLog.md
+++ b/src/3rdparty/libjpeg/ChangeLog.md
@@ -1,3 +1,34 @@
+3.1.3
+=====
+
+### Significant changes relative to 3.1.2:
+
+1. Hardened the TurboJPEG API against hypothetical applications that may
+erroneously call `tj*Compress*()` or `tj*Transform()` with a reused JPEG
+destination buffer pointer while specifying a destination buffer size of 0.
+
+2. Hardened the TurboJPEG API against hypothetical applications that may
+erroneously set `TJPARAM_LOSSLESS` or `TJPARAM_COLORSPACE` prior to calling
+`tj3EncodeYUV*8()` or `tj3CompressFromYUV*8()`.  `tj3EncodeYUV*8()` and
+`tj3CompressFromYUV*8()` now ignore `TJPARAM_LOSSLESS` and
+`TJPARAM_COLORSPACE`.
+
+3. Hardened the TurboJPEG Java API against hypothetical applications that may
+erroneously pass huge X or Y offsets to one of the compression, YUV encoding,
+decompression, or YUV decoding methods, leading to signed integer overflow in
+the JNI wrapper's buffer size checks that rendered those checks ineffective.
+
+4. Fixed an issue in the TurboJPEG Java API whereby
+`TJCompressor.getSourceBuf()` sometimes returned the buffer from a previous
+invocation of `TJCompressor.loadSourceImage()` if the target data precision was
+changed before the most recent invocation.
+
+5. Fixed an issue in the PPM reader that caused incorrect pixels to be
+generated when using `tj3LoadImage*()` or `TJCompressor.loadSourceImage()` to
+load a PBMPLUS (PPM/PGM) file into a CMYK buffer with a different data
+precision than that of the file.
+
+
 3.1.2
 =====
 
@@ -962,9 +993,9 @@ storage.
 64-bit libjpeg-turbo SDK for Visual C++ were installed on the same system, only
 one of them could be uninstalled.
 
-2. Fixed a signed integer overflow and subsequent segfault that occurred when
-attempting to decompress images with more than 715827882 pixels using the
-64-bit C version of TJBench.
+2. Fixed a signed integer overflow and subsequent segfault (CVE-2019-2201) that
+occurred when attempting to decompress images with more than 715827882 pixels
+using the 64-bit C version of TJBench.
 
 3. Fixed out-of-bounds write in `tjDecompressToYUV2()` and
 `tjDecompressToYUVPlanes()` (sometimes manifesting as a double free) that
@@ -1016,9 +1047,9 @@ regardless of whether a 4:2:2 JPEG image is rotated or transposed prior to
 decompression (in the frequency domain) or after decompression (in the spatial
 domain), the final image will be similar.
 
-4. Fixed an integer overflow and subsequent segfault that occurred when
-attempting to compress or decompress images with more than 1 billion pixels
-using the TurboJPEG API.
+4. Fixed an integer overflow and subsequent segfault (CVE-2019-2201) that
+occurred when attempting to compress or decompress images with more than 1
+billion pixels using the TurboJPEG API.
 
 5. Fixed a regression introduced by 2.0 beta1[15] whereby attempting to
 generate a progressive JPEG image on an SSE2-capable CPU using a scan script
diff --git a/src/3rdparty/libjpeg/qt_attribution.json b/src/3rdparty/libjpeg/qt_attribution.json
index fe38aec1f68..5ac811a12b4 100644
--- a/src/3rdparty/libjpeg/qt_attribution.json
+++ b/src/3rdparty/libjpeg/qt_attribution.json
@@ -7,8 +7,8 @@
 
     "Description": "The Independent JPEG Group's JPEG software",
     "Homepage": "http://libjpeg-turbo.virtualgl.org/",
-    "Version": "3.1.2",
-    "DownloadLocation": "https://github.com/libjpeg-turbo/libjpeg-turbo/releases/download/3.1.2/libjpeg-turbo-3.1.2.tar.gz",
+    "Version": "3.1.3",
+    "DownloadLocation": "https://github.com/libjpeg-turbo/libjpeg-turbo/releases/download/3.1.3/libjpeg-turbo-3.1.3.tar.gz",
     "PURL": "pkg:github/libjpeg-turbo/libjpeg-turbo@$<VERSION>",
     "CPE": "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:$<VERSION>:*:*:*:*:*:*:*",
 
diff --git a/src/3rdparty/libjpeg/src/jconfig.h b/src/3rdparty/libjpeg/src/jconfig.h
index e81574b9a48..85a1509fb68 100644
--- a/src/3rdparty/libjpeg/src/jconfig.h
+++ b/src/3rdparty/libjpeg/src/jconfig.h
@@ -2,9 +2,9 @@
 
 #define JPEG_LIB_VERSION 80
 
-#define LIBJPEG_TURBO_VERSION 3.0.3
+#define LIBJPEG_TURBO_VERSION 3.1.3
 
-#define LIBJPEG_TURBO_VERSION_NUMBER 3000003
+#define LIBJPEG_TURBO_VERSION_NUMBER 3001003
 
 #define C_ARITH_CODING_SUPPORTED 1
 
diff --git a/src/3rdparty/libjpeg/src/jconfigint.h b/src/3rdparty/libjpeg/src/jconfigint.h
index 6e7dbd75a1e..6d5f9633928 100644
--- a/src/3rdparty/libjpeg/src/jconfigint.h
+++ b/src/3rdparty/libjpeg/src/jconfigint.h
@@ -10,7 +10,7 @@
 
 #define PACKAGE_NAME "libjpeg-turbo"
 
-#define VERSION "3.0.3"
+#define VERSION "3.1.3"
 
 #if SIZE_MAX == 0xffffffff
 #define SIZEOF_SIZE_T 4
diff --git a/src/3rdparty/libpng/ANNOUNCE b/src/3rdparty/libpng/ANNOUNCE
index 10dee70d834..e9a94e05de3 100644
--- a/src/3rdparty/libpng/ANNOUNCE
+++ b/src/3rdparty/libpng/ANNOUNCE
@@ -1,4 +1,4 @@
-libpng 1.6.52 - December 3, 2025
+libpng 1.6.53 - December 5, 2025
 ================================
 
 This is a public release of libpng, intended for use in production code.
@@ -9,10 +9,10 @@ Files available for download
 
 Source files:
 
- * libpng-1.6.52.tar.xz (LZMA-compressed, recommended)
- * libpng-1.6.52.tar.gz (deflate-compressed)
- * lpng1652.7z (LZMA-compressed)
- * lpng1652.zip (deflate-compressed)
+ * libpng-1.6.53.tar.xz (LZMA-compressed, recommended)
+ * libpng-1.6.53.tar.gz (deflate-compressed)
+ * lpng1653.7z (LZMA-compressed)
+ * lpng1653.zip (deflate-compressed)
 
 Other information:
 
@@ -22,18 +22,14 @@ Other information:
  * TRADEMARK.md
 
 
-Changes from version 1.6.51 to version 1.6.52
+Changes from version 1.6.52 to version 1.6.53
 ---------------------------------------------
 
- * Fixed CVE-2025-66293 (high severity):
-   Out-of-bounds read in `png_image_read_composite`.
-   (Reported by flyfish101 <[email protected]>.)
- * Fixed the Paeth filter handling in the RISC-V RVV implementation.
-   (Reported by Filip Wasil; fixed by Liang Junzhao.)
- * Improved the performance of the RISC-V RVV implementation.
-   (Contributed by Liang Junzhao.)
- * Added allocation failure fuzzing to oss-fuzz.
-   (Contributed by Philippe Antoine.)
+ * Fixed a build failure on RISC-V RVV caused by a misspelled intrinsic.
+   (Contributed by Alexander Smorkalov.)
+ * Fixed a build failure with CMake 4.1 or newer, on Windows, when using
+   Visual C++ without MASM installed.
+   (Reported by Andrew Tribick; fixed by Luis Caro Campos.)
 
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
diff --git a/src/3rdparty/libpng/CHANGES b/src/3rdparty/libpng/CHANGES
index f8ad74bbdf3..ea43101538a 100644
--- a/src/3rdparty/libpng/CHANGES
+++ b/src/3rdparty/libpng/CHANGES
@@ -6315,6 +6315,12 @@ Version 1.6.52 [December 3, 2025]
   Added allocation failure fuzzing to oss-fuzz.
     (Contributed by Philippe Antoine.)
 
+Version 1.6.53 [December 5, 2025]
+  Fixed a build failure on RISC-V RVV caused by a misspelled intrinsic.
+    (Contributed by Alexander Smorkalov.)
+  Fixed a build failure with CMake 4.1 or newer, on Windows, when using
+    Visual C++ without MASM installed.
+
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
 Subscription is required; visit
 https://lists.sourceforge.net/lists/listinfo/png-mng-implement
diff --git a/src/3rdparty/libpng/README b/src/3rdparty/libpng/README
index 87e5f8b177e..4041ad86eb3 100644
--- a/src/3rdparty/libpng/README
+++ b/src/3rdparty/libpng/README
@@ -1,4 +1,4 @@
-README for libpng version 1.6.52
+README for libpng version 1.6.53
 ================================
 
 See the note about version numbers near the top of `png.h`.
diff --git a/src/3rdparty/libpng/libpng-manual.txt b/src/3rdparty/libpng/libpng-manual.txt
index f284d987ba6..750025cfdad 100644
--- a/src/3rdparty/libpng/libpng-manual.txt
+++ b/src/3rdparty/libpng/libpng-manual.txt
@@ -9,7 +9,7 @@ libpng-manual.txt - A description on how to use and modify libpng
 
  Based on:
 
- libpng version 1.6.36, December 2018, through 1.6.52 - December 2025
+ libpng version 1.6.36, December 2018, through 1.6.53 - December 2025
  Updated and distributed by Cosmin Truta
  Copyright (c) 2018-2025 Cosmin Truta
 
diff --git a/src/3rdparty/libpng/png.c b/src/3rdparty/libpng/png.c
index 11b65d1f13e..85b49496520 100644
--- a/src/3rdparty/libpng/png.c
+++ b/src/3rdparty/libpng/png.c
@@ -13,7 +13,7 @@
 #include "pngpriv.h"
 
 /* Generate a compiler error if there is an old png.h in the search path. */
-typedef png_libpng_version_1_6_52 Your_png_h_is_not_version_1_6_52;
+typedef png_libpng_version_1_6_53 Your_png_h_is_not_version_1_6_53;
 
 /* Sanity check the chunks definitions - PNG_KNOWN_CHUNKS from pngpriv.h and the
  * corresponding macro definitions.  This causes a compile time failure if
@@ -817,7 +817,7 @@ png_get_copyright(png_const_structrp png_ptr)
    return PNG_STRING_COPYRIGHT
 #else
    return PNG_STRING_NEWLINE \
-      "libpng version 1.6.52" PNG_STRING_NEWLINE \
+      "libpng version 1.6.53" PNG_STRING_NEWLINE \
       "Copyright (c) 2018-2025 Cosmin Truta" PNG_STRING_NEWLINE \
       "Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson" \
       PNG_STRING_NEWLINE \
diff --git a/src/3rdparty/libpng/png.h b/src/3rdparty/libpng/png.h
index bceb9aa45d7..bdcd243dea2 100644
--- a/src/3rdparty/libpng/png.h
+++ b/src/3rdparty/libpng/png.h
@@ -1,6 +1,6 @@
 /* png.h - header file for PNG reference library
  *
- * libpng version 1.6.52
+ * libpng version 1.6.53
  *
  * Copyright (c) 2018-2025 Cosmin Truta
  * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson
@@ -14,7 +14,7 @@
  *   libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger
  *   libpng versions 0.97, January 1998, through 1.6.35, July 2018:
  *     Glenn Randers-Pehrson
- *   libpng versions 1.6.36, December 2018, through 1.6.52, December 2025:
+ *   libpng versions 1.6.36, December 2018, through 1.6.53, December 2025:
  *     Cosmin Truta
  *   See also "Contributing Authors", below.
  */
@@ -238,7 +238,7 @@
  *    ...
  *    1.5.30                  15    10530  15.so.15.30[.0]
  *    ...
- *    1.6.52                  16    10651  16.so.16.52[.0]
+ *    1.6.53                  16    10651  16.so.16.53[.0]
  *
  *    Henceforth the source version will match the shared-library major and
  *    minor numbers; the shared-library major version number will be used for
@@ -274,7 +274,7 @@
  */
 
 /* Version information for png.h - this should match the version in png.c */
-#define PNG_LIBPNG_VER_STRING "1.6.52"
+#define PNG_LIBPNG_VER_STRING "1.6.53"
 #define PNG_HEADER_VERSION_STRING " libpng version " PNG_LIBPNG_VER_STRING "\n"
 
 /* The versions of shared library builds should stay in sync, going forward */
@@ -285,7 +285,7 @@
 /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */
 #define PNG_LIBPNG_VER_MAJOR   1
 #define PNG_LIBPNG_VER_MINOR   6
-#define PNG_LIBPNG_VER_RELEASE 52
+#define PNG_LIBPNG_VER_RELEASE 53
 
 /* This should be zero for a public release, or non-zero for a
  * development version.
@@ -316,7 +316,7 @@
  * From version 1.0.1 it is:
  * XXYYZZ, where XX=major, YY=minor, ZZ=release
  */
-#define PNG_LIBPNG_VER 10652 /* 1.6.52 */
+#define PNG_LIBPNG_VER 10653 /* 1.6.53 */
 
 /* Library configuration: these options cannot be changed after
  * the library has been built.
@@ -426,7 +426,7 @@ extern "C" {
 /* This triggers a compiler error in png.c, if png.c and png.h
  * do not agree upon the version number.
  */
-typedef char* png_libpng_version_1_6_52;
+typedef char* png_libpng_version_1_6_53;
 
 /* Basic control structions.  Read libpng-manual.txt or libpng.3 for more info.
  *
diff --git a/src/3rdparty/libpng/pngconf.h b/src/3rdparty/libpng/pngconf.h
index 76b5c20bdff..f4ff19209c6 100644
--- a/src/3rdparty/libpng/pngconf.h
+++ b/src/3rdparty/libpng/pngconf.h
@@ -1,6 +1,6 @@
 /* pngconf.h - machine-configurable file for libpng
  *
- * libpng version 1.6.52
+ * libpng version 1.6.53
  *
  * Copyright (c) 2018-2025 Cosmin Truta
  * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson
diff --git a/src/3rdparty/libpng/pnglibconf.h b/src/3rdparty/libpng/pnglibconf.h
index f4a993441f7..27fa87045b3 100644
--- a/src/3rdparty/libpng/pnglibconf.h
+++ b/src/3rdparty/libpng/pnglibconf.h
@@ -1,6 +1,6 @@
 /* pnglibconf.h - library build configuration */
 
-/* libpng version 1.6.52 */
+/* libpng version 1.6.53 */
 
 /* Copyright (c) 2018-2025 Cosmin Truta */
 /* Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson */
diff --git a/src/3rdparty/libpng/pngread.c b/src/3rdparty/libpng/pngread.c
index f8ca2b7e31d..13a93deedcb 100644
--- a/src/3rdparty/libpng/pngread.c
+++ b/src/3rdparty/libpng/pngread.c
@@ -3278,7 +3278,7 @@ png_image_read_composite(png_voidp argument)
                            /* Clamp to the valid range to defend against
                             * unforeseen cases where the data might be sRGB
                             * instead of linear premultiplied.
-                            * (Belt-and-suspenders for GitHub Issue #764.)
+                            * (Belt-and-suspenders for CVE-2025-66293.)
                             */
                            if (component > 255*65535)
                               component = 255*65535;
diff --git a/src/3rdparty/libpng/qt_attribution.json b/src/3rdparty/libpng/qt_attribution.json
index 1f942f8f564..132e5e8d4cd 100644
--- a/src/3rdparty/libpng/qt_attribution.json
+++ b/src/3rdparty/libpng/qt_attribution.json
@@ -7,8 +7,8 @@
 
     "Description": "libpng is the official PNG reference library.",
     "Homepage": "http://www.libpng.org/pub/png/libpng.html",
-    "Version": "1.6.52",
-    "DownloadLocation": "https://download.sourceforge.net/libpng/libpng-1.6.52.tar.xz",
+    "Version": "1.6.53",
+    "DownloadLocation": "https://download.sourceforge.net/libpng/libpng-1.6.53.tar.xz",
     "PURL": "pkg:github/pnggroup/libpng@v$<VERSION>",
     "CPE": "cpe:2.3:a:libpng:libpng:$<VERSION>:*:*:*:*:*:*:*",