This update for jasper fixes the following issues:
- CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec.
(bsc#1012530)
- CVE-2016-9395: Invalid jasper files could lead to abort of the library
caused by attacker provided image. (bsc#1010977)
- CVE-2016-9398: Invalid jasper files could lead to abort of the library
caused by attacker provided image. (bsc#1010979)
- CVE-2016-9560: Stack-based buffer overflow in jpc_tsfb_getbands2.
(bsc#1011830)
- CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy.
(bsc#1015993)