diff --git a/srcpkgs/fastjar/patches/CVE-2010-2322.patch b/srcpkgs/fastjar/patches/CVE-2010-2322.patch
new file mode 100644
index 0000000000..a928fbfc77
--- /dev/null
+++ b/srcpkgs/fastjar/patches/CVE-2010-2322.patch
@@ -0,0 +1,49 @@
+Index: fastjar-0.98/jartool.c
+===================================================================
+--- jartool.c 2010-05-19 14:54:57.367665309 +0200
++++ jartool.c 2010-05-19 14:54:57.381665355 +0200
+@@ -1731,8 +1731,18 @@
+ struct stat sbuf;
+ int depth = 0;
+ 
++ if(strncmp((const char *)filename, "/", 1) == 0){
++ fprintf(stderr, "Absolute path names are not allowed.\n");
++ exit(EXIT_FAILURE);
++ }
++
+ tmp_buff = malloc(sizeof(char) * strlen((const char *)filename));
+ 
++ if(tmp_buff == NULL) {
++ fprintf(stderr, "Out of memory.\n");
++ exit(EXIT_FAILURE);
++ }
++
+ for(;;){
+ const ub1 *idx = (const unsigned char *)strchr((const char *)start, '/');
+ 
+@@ -1750,14 +1760,17 @@
+ #ifdef DEBUG
+ printf("checking the existance of %s\n", tmp_buff);
+ #endif
+- if(strcmp(tmp_buff, "..") == 0){
+- --depth;
+- if (depth < 0){
+- fprintf(stderr, "Traversal to parent directories during unpacking!\n");
+- exit(EXIT_FAILURE);
+- }
+- } else if (strcmp(tmp_buff, ".") != 0)
+- ++depth;
++ if(strcmp(tmp_buff, "..") == 0 || (strlen(tmp_buff) > 2 && strncmp(tmp_buff + strlen(tmp_buff) - 3, "/..", 3) == 0)){
++ --depth;
++ if (depth < 0){
++ fprintf(stderr, "Traversal to parent directories during unpacking!\n");
++ exit(EXIT_FAILURE);
++ }
++ } else if (strcmp(tmp_buff, ".") == 0 || (strlen(tmp_buff) > 1 && strncmp(tmp_buff + strlen(tmp_buff) - 2, "/.", 2) == 0)){
++ /* Do nothing, the current directory is "." */
++ } else
++ ++depth;
++
+ if(stat(tmp_buff, &sbuf) < 0){
+ if(errno != ENOENT)
+ exit_on_error("stat");
diff --git a/srcpkgs/fastjar/template b/srcpkgs/fastjar/template
index ae4e1a2641..8ea8b33b23 100644
--- a/srcpkgs/fastjar/template
+++ b/srcpkgs/fastjar/template
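Review bot: The `..` detection added in the second hunk of the patch is purely lexical on the entry name, so it cannot tell that an intermediate component already exists as a symlink pointing outside the extraction directory, and the `stat(tmp_buff, &sbuf)` call right below it follows symlinks; if the caller ever extracts into a directory it does not fully control, checking each prefix with `lstat()` and rejecting `S_ISLNK` results would close that gap. The new leading-`/` guard in the first hunk aborts the whole run with `exit(EXIT_FAILURE)` rather than stripping the slash with a warning as unzip does, which is a reasonable hardening choice but worth stating in the package's patch header since it changes behaviour for otherwise valid archives. The added NULL check sits on `malloc(sizeof(char) * strlen(filename))`, which is a zero-byte request for an empty entry name; on platforms where `malloc(0)` returns NULL that now prints "Out of memory." and exits, so guarding the empty-name case explicitly would make the message honest. As a style point, the three `strlen(tmp_buff)` calls per iteration collapse into one: `size_t len = strlen(tmp_buff);` followed by `len > 2 && strcmp(tmp_buff + len - 3, "/..") == 0` and `len > 1 && strcmp(tmp_buff + len - 2, "/.") == 0`. The enclosing function begins before the first hunk and ends after the second, so the loop's prefix-copying logic that fills `tmp_buff` is not visible here.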
@@ -1,12 +1,12 @@
# Template file for 'fastjar'
pkgname=fastjar
version=0.98
-revision=1
+revision=2
build_style=gnu-configure
makedepends="zlib-devel"
-short_desc="C implementation of Oracle's jar utility."
+short_desc="C implementation of Oracle's jar utility"
maintainer="Enno Boland "
license="GPL-2"
homepage="http://savannah.nongnu.org/projects/fastjar"
-distfiles="http://download.savannah.gnu.org/releases/$pkgname/$pkgname-$version.tar.gz"
+distfiles="http://download.savannah.gnu.org/releases/${pkgname}/${pkgname}-${version}.tar.gz"
checksum=f156abc5de8658f22ee8f08d7a72c88f9409ebd8c7933e9466b0842afeb2f145