Security update for qemu (important)

qemu was updated to fix 37 security issues.

These security issues were fixed:

• CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)
• CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)
• CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266)
• CVE-2015-8817: Avoid OOB access in PCI DMA I/O (bsc#969121)
• CVE-2015-8818: Avoid OOB access in PCI DMA I/O (bsc#969122)
• CVE-2016-3710: Fixed VGA emulation based OOB access with potential for
  guest escape (bsc#978158)
• CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit
  (bsc#978160)
• CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)
• CVE-2016-2538: Fixed potential OOB access in USB net device emulation
  (bsc#967969)
• CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)
• CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number
  generator (bsc#970036)
• CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)
• CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic
  (bsc#975128)
• CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller
  (bsc#975136)
• CVE-2016-4020: Fixed possible host data leakage to guest from TPR access
  (bsc#975700)
• CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069)
• CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to
  avoid any opportunity for guest to cause DoS by abusing that interface
  (bsc#928393)
• CVE-2014-3689: Fixed insufficient parameter validation in rectangle
  functions (bsc#901508)
• CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to
  read host memory by setting the display to a high resolution
  (bsc#895528).
• CVE-2015-5239: Integer overflow in vnc_client_read() and
  protocol_client_msg() (bsc#944463).
• CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).
• CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device
  (virtio-net) support in QEMU, when big or mergeable receive buffers are
  not supported, allowed remote attackers to cause a denial of service
  (guest network consumption) via a flood of jumbo frames on the (1)
  tuntap or (2) macvtap interface (bsc#947159).
• CVE-2015-7549: PCI null pointer dereferences (bsc#958917).
• CVE-2015-8504: VNC floating point exception (bsc#958491).
• CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS
  (bsc#959005).
• CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak
  host memory (bsc#959386).
• CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak
  host memory (bsc#959386).
• CVE-2015-8613: Wrong sized memset in megasas command handler
  (bsc#961358).
• CVE-2015-8619: Potential DoS for long HMP sendkey command argument
  (bsc#960334).
• CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions
  (bsc#960725).
• CVE-2015-8744: Incorrect l2 header validation could have lead to a crash
  via assert(2) call (bsc#960835).
• CVE-2015-8745: Reading IMR registers could have lead to a crash via
  assert(2) call (bsc#960708).
• CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).
• CVE-2016-1714: Potential OOB memory access in processing firmware
  configuration (bsc#961691).
• CVE-2016-1922: NULL pointer dereference when processing hmp i/o command
  (bsc#962320).
• CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation
  by malicious privileged user within guest (bsc#963782).
• CVE-2016-2198: Malicious privileged guest user were able to cause DoS by
  writing to read-only EHCI capabilities registers (bsc#964413).

This non-security issue was fixed

• bsc#886378: qemu truncates vhd images in virt-rescue