File _patchinfo of Package patchinfo

<patchinfo>
  <issue id="846174" tracker="bnc">VUL-0: CVE-2013-2186: jakarta-commons-fileupload: null byte injection flaw</issue>
  <issue id="CVE-2013-2186" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jluce2</packager>
  <description>
	A remote attacker could supply a serialized instance of the DiskFileItem class, which would be deserialized on a server and write arbitrary content to any location on the server that is permitted by the user running the application server process.   bnc#846174/CVE-2013-2186
</description>
  <summary>update for jakarta-commons-fileupload</summary>
</patchinfo>