A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in measure_pitch() in pgm2asc.c.Referenceshttps://bugzilla.redhat.com/show_bug.cgi?id=1962861https://sourceforge.net/p/jocr/bugs/39/https://security.gentoo.org/glsa/202401-28
