File _patchinfo of Package patchinfo

<patchinfo incident="3362">
  <issue id="909475" tracker="bnc">CVE-2014-8138: heap overflow in jas_decode()</issue>
  <issue id="909474" tracker="bnc">CVE-2014-8137: double-free in jas_iccattrval_destroy()</issue>
  <issue id="CVE-2014-8137" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>nadvornik</packager>
  <description>
   The follow issues were fixed with this update: 
      - CVE-2014-8137  double-free in jas_iccattrval_destroy()(bnc#909474)
      - CVE-2014-8138  heap overflow in jas_decode() (bnc#909475)
</description>
  <summary>Security update for jasper</summary>
</patchinfo>