- make option UUID default
- fix double-free in in jas_iccattrval_destroy()
Obtained from: RedHat
Security: CVE-2014-8137
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173157
- fix heap overflow in jp2_decode()
Obtained from: RedHat
Security: CVE-2014-8138
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173162
- dec->numtiles off-by-one check in jpc_dec_process_sot()
Obtained from: RedHat, Fedora
Security: CVE-2014-8157
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282
- multiple stack-based buffer overflows
Obtained from: RedHat, Fedora
Security: CVE-2014-8158
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282
- fix Heap overflows in libjasper
Obtained from: RedHat
Security: CVE-2014-9029
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1167537
- fix Use-after-free (and double-free)
Security: CVE-2015-5221
Security: http://www.openwall.com/lists/oss-security/2015/08/20/4
PR: 203504
- patch (rows_ NULL check)
Obtained from: RedHat
Security: CVE-2016-2089
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1302636