Patch release that addresses the following security vulnerabilities:
- CVE-2026-39886 HTJ2K Signed Integer Overflow in
ht_undo_impl() - CVE-2026-40244 Integer overflow in DWA
setupChannelDataplanarUncRlepointer arithmetic (missed variant of CVE-2026-34589) - CVE-2026-40250 Integer overflow in DWA decoder
outBufferEndpointer arithmetic (missed variant of CVE-2026-34589)