- update CVE-2014-4002 patch from debian - add patches from debian to fix CVE-2014-502[56] and CVE-2014-526[12]