jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.Referenceshttps://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858746https://security.gentoo.org/glsa/202007-17https://bugs.gentoo.org/711220#c3https://bugs.gentoo.org/876247#c0
