--- PKGBUILD 2015-01-26 16:50:52.118708168 +0100 +++ PKGBUILD 2015-01-26 18:06:29.294033751 +0100 @@ -3,7 +3,7 @@ pkgname=jasper pkgver=1.900.1 -pkgrel=12 +pkgrel=13 pkgdesc="A software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard" arch=('i686' 'x86_64') url="http://www.ece.uvic.ca/~mdadams/jasper/" @@ -16,8 +16,9 @@ jpc_dec.c.patch jasper-1.900.1-CVE-2008-3522.patch jasper-1.900.1-CVE-2014-8137.patch jasper-avoid-assert-abort.diff jasper-1.900.1-CVE-2014-8138.patch jasper-1.900.1-CVE-2014-9029.patch - jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch - jasper-1.900.1-fix-filename-buffer-overflow.patch) + jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch + jasper-1.900.1-fix-filename-buffer-overflow.patch + jasper-1.900.1-CVE-2014-8157.patch jasper-1.900.1-CVE-2014-8158.patch) sha1sums=('9c5735f773922e580bf98c7c7dfda9bbed4c5191' 'f298566fef08c8a589d072582112cd51c72c3983' '2483dba925670bf29f531d85d73c4e5ada513b01' @@ -28,7 +29,9 @@ '6086e717af2f0a026f70e399e28fe115f08a8cc1' 'f5fe80c8576379d34f372f6a7c6a76630ab9fdcd' '3bfb37a4c732caa824563bad2603fcf5f2acf7f7' - '577dfce40da75818c4d32eb1c4532b1370950bee') + '577dfce40da75818c4d32eb1c4532b1370950bee' + 'aaf96946073d2ece35f3695e8cc7956b5cad9a1d' + 'e69b339de43d1dc2fbb98368cee3d20f76d35941') prepare() { cd ${pkgname}-${pkgver} @@ -42,6 +45,8 @@ patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8138.patch" patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch" patch -p1 -i "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch" + patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8157.patch" + patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8158.patch" } build() {