--- PKGBUILD	2015-01-26 16:50:52.118708168 +0100
+++ PKGBUILD	2015-01-26 18:06:29.294033751 +0100
@@ -3,7 +3,7 @@
 
 pkgname=jasper
 pkgver=1.900.1
-pkgrel=12
+pkgrel=13
 pkgdesc="A software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard"
 arch=('i686' 'x86_64')
 url="http://www.ece.uvic.ca/~mdadams/jasper/"
@@ -16,8 +16,9 @@
         jpc_dec.c.patch jasper-1.900.1-CVE-2008-3522.patch
         jasper-1.900.1-CVE-2014-8137.patch jasper-avoid-assert-abort.diff
         jasper-1.900.1-CVE-2014-8138.patch jasper-1.900.1-CVE-2014-9029.patch
-	jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch
-        jasper-1.900.1-fix-filename-buffer-overflow.patch)
+        jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch
+        jasper-1.900.1-fix-filename-buffer-overflow.patch
+        jasper-1.900.1-CVE-2014-8157.patch jasper-1.900.1-CVE-2014-8158.patch)
 sha1sums=('9c5735f773922e580bf98c7c7dfda9bbed4c5191'
           'f298566fef08c8a589d072582112cd51c72c3983'
           '2483dba925670bf29f531d85d73c4e5ada513b01'
@@ -28,7 +29,9 @@
           '6086e717af2f0a026f70e399e28fe115f08a8cc1'
           'f5fe80c8576379d34f372f6a7c6a76630ab9fdcd'
           '3bfb37a4c732caa824563bad2603fcf5f2acf7f7'
-          '577dfce40da75818c4d32eb1c4532b1370950bee')
+          '577dfce40da75818c4d32eb1c4532b1370950bee'
+          'aaf96946073d2ece35f3695e8cc7956b5cad9a1d'
+          'e69b339de43d1dc2fbb98368cee3d20f76d35941')
 
 prepare() {
   cd ${pkgname}-${pkgver}
@@ -42,6 +45,8 @@
   patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8138.patch"
   patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch"
   patch -p1 -i "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch"
+  patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8157.patch"
+  patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8158.patch"
 }
 
 build() {