QEMU was updated to fix various bugs and security issues.
Following security issues were fixed: CVE-2014-8106: Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU allowed local guest users to execute arbitrary code via vectors related to blit regions.
CVE-2014-7840: The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allowed remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
Also a bug was fixed where qemu-img convert could occasionaly corrupt images. (bsc#908380)
{ "binaries": [ { "qemu-tools": "2.0.2-42.1", "qemu": "2.0.2-42.1", "qemu-guest-agent": "2.0.2-42.1", "qemu-block-curl": "2.0.2-42.1", "qemu-lang": "2.0.2-42.1", "qemu-ipxe": "1.0.0-42.1", "qemu-kvm": "2.0.2-42.1", "qemu-seabios": "1.7.4-42.1", "qemu-sgabios": "8-42.1", "qemu-vgabios": "1.7.4-42.1", "qemu-ppc": "2.0.2-42.1", "qemu-s390": "2.0.2-42.1", "qemu-x86": "2.0.2-42.1" } ] }
{ "binaries": [ { "qemu-tools": "2.0.2-42.1", "qemu": "2.0.2-42.1", "qemu-guest-agent": "2.0.2-42.1", "qemu-block-curl": "2.0.2-42.1", "qemu-lang": "2.0.2-42.1", "qemu-ipxe": "1.0.0-42.1", "qemu-kvm": "2.0.2-42.1", "qemu-seabios": "1.7.4-42.1", "qemu-sgabios": "8-42.1", "qemu-vgabios": "1.7.4-42.1", "qemu-ppc": "2.0.2-42.1", "qemu-s390": "2.0.2-42.1", "qemu-x86": "2.0.2-42.1" } ] }