diff --git a/jasper-2.0.14-CVE-2016-9396.patch b/jasper-2.0.14-CVE-2016-9396.patch
new file mode 100644
index 0000000..197ea7c
--- /dev/null
+++ b/jasper-2.0.14-CVE-2016-9396.patch
@@ -0,0 +1,13 @@
+diff -urNp old/src/libjasper/jpc/jpc_cs.c new/src/libjasper/jpc/jpc_cs.c
+--- old/src/libjasper/jpc/jpc_cs.c	2018-05-30 09:01:54.160406645 +0200
++++ new/src/libjasper/jpc/jpc_cs.c	2018-05-30 09:05:24.527094308 +0200
+@@ -795,6 +795,9 @@ static int jpc_cox_getcompparms(jpc_ms_t
+ 	if (compparms->numdlvls > 32) {
+ 		goto error;
+ 	}
++	if (compparms->qmfbid != JPC_COX_INS &&
++	    compparms->qmfbid != JPC_COX_RFT)
++		goto error;
+ 	compparms->numrlvls = compparms->numdlvls + 1;
+ 	if (compparms->numrlvls > JPC_MAXRLVLS) {
+ 		goto error;
diff --git a/jasper-2.0.14-rpath.patch b/jasper-2.0.14-rpath.patch
new file mode 100644
index 0000000..23aba06
--- /dev/null
+++ b/jasper-2.0.14-rpath.patch
@@ -0,0 +1,12 @@
+diff -up jasper-2.0.14/CMakeLists.txt.rpath jasper-2.0.14/CMakeLists.txt
+--- jasper-2.0.14/CMakeLists.txt.rpath	2017-09-14 18:20:10.000000000 -0500
++++ jasper-2.0.14/CMakeLists.txt	2018-07-19 09:48:53.035815377 -0500
+@@ -347,7 +347,7 @@ if (JAS_ENABLE_SHARED)
+ 	# (but later on when installing)
+ 	set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE) 
+ 
+-	set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib")
++	#set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib")
+ 
+ 	# add the automatically determined parts of the RPATH
+ 	# which point to directories outside the build tree to the install RPATH
diff --git a/jasper-2.0.14.tar.gz b/jasper-2.0.14.tar.gz
new file mode 100644
index 0000000..657c271
Binary files /dev/null and b/jasper-2.0.14.tar.gz differ
diff --git a/jasper.spec b/jasper.spec
new file mode 100644
index 0000000..071f449
--- /dev/null
+++ b/jasper.spec
@@ -0,0 +1,91 @@
+Name:                jasper
+Version:             2.0.14
+Release:             8
+Summary:             Reference implementation of the codec specified in the JPEG-2000 standard, Part 1
+License:             JasPer
+URL:                 http://www.ece.uvic.ca/~frodo/jasper/
+Source0:             http://www.ece.uvic.ca/~frodo/jasper/software/jasper-%{version}.tar.gz
+
+Patch0001:           jasper-2.0.14-CVE-2016-9396.patch
+Patch0002:           jasper-2.0.14-rpath.patch
+
+BuildRequires:       cmake freeglut-devel libGLU-devel libjpeg-devel libXmu-devel libXi-devel
+BuildRequires:       pkgconfig doxygen mesa-libGL-devel
+
+Provides:            jasper-libs = %{version}-%{release}
+Obsoletes:           jasper-libs < %{version}-%{release}
+Conflicts:           jasper < 1.900.1-4
+
+%description
+The JasPer Project is an open-source initiative to provide a free software-based reference
+implementation of the codec specified in the JPEG-2000 Part-1 standard.
+
+%package devel
+Summary:             Development files for jasper
+Provides:            libjasper-devel = %{version}-%{release}
+Requires:            %{name} = %{version}-%{release} libjpeg-devel pkgconfig
+
+%description devel
+Development files for jasper.
+
+%package utils
+Summary:             Nonessential utilities of jasper
+Requires:            %{name} = %{version}-%{release}
+
+%description utils
+Nonessential utilities of jasper, including jiv and tmrdemo.
+
+%package help
+Summary:             Help documents for jasper
+
+%description help
+Help documents for jasper.
+
+%prep
+%autosetup -n %{name}-%{version} -p1 -S git
+
+%build
+install -d builder
+cd builder
+%cmake .. -DJAS_ENABLE_DOC:BOOL=OFF
+cd -
+
+%make_build -C builder
+
+%install
+make install/fast DESTDIR=%{buildroot} -C builder
+%delete_la
+
+%check
+make test -C builder
+
+%post
+/sbin/ldconfig
+%postun
+/sbin/ldconfig
+
+%files
+%doc COPYRIGHT LICENSE
+%{_bindir}/imgcmp
+%{_bindir}/imginfo
+%{_bindir}/jasper
+%{_docdir}/JasPer/*
+%{_libdir}/libjasper.so.4*
+
+%files devel
+%doc doc/*
+%{_includedir}/jasper/
+%{_libdir}/pkgconfig/jasper.pc
+%{_libdir}/libjasper.so
+%exclude %{_docdir}/README
+
+%files utils
+%{_bindir}/jiv
+
+%files help
+%{_mandir}/man1/*
+%doc README
+
+%changelog
+* Wed Apr 22 2020 leiju <leiju4@huawei.com> - 2.0.14-8
+- Package init
diff --git a/jasper.yaml b/jasper.yaml
new file mode 100644
index 0000000..bec3bb9
--- /dev/null
+++ b/jasper.yaml
@@ -0,0 +1,4 @@
+version_control: github
+src_repo: mdadams/jasper
+tag_prefix: version-
+seperator: .