I noticed that the 4.19, 5.4 and 5.10 updates yesterday included a series of fixes related to corruption in squashfs.
From the commit messages, they look like security fixes for maliciously constructed squashfs rather than for defects in handling normal squashfs actions.
Well, I read it as also being 'naive programming' (re: sanity checks) in an unfortunately non-naive world of internet. An ounce of prevention.. as the old saying goes.
Regards
8Geee
Money talks... no, it shouts, so that it doesn't have to hear common sense.