02_kfreebsd.patch
qemu-ifunc-sparc.patch
configure-nss-usbredir.patch
do-not-include-libutil.h.patch
tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch
linux-user-fix-mips-32-on-64-prealloc-case.patch
net-add--netdev-options-to-man-page.patch
revert-serial-fix-retry-logic.patch
intel_hda-do-not-call-msi_reset-when-only-device-state-needs-resetting.patch
blockdev-preserve-readonly-and-snapshot-states-across-media-changes.patch
ahci-properly-reset-PxCMD-on-HBA-reset.patch
net-notify-iothread-after-flushing-queue.patch
e1000-flush-queue-whenever-can_receive-can-go-from-false-to-true.patch
e1000-discard-packets-that-are-too-long-if-not-SBP-and-not-LPE.patch
e1000-discard-oversized-packets-based-on-SBP_LPE.patch
eepro100-fix-network-hang-when-rx-buffers-run-out.patch
fixes-related-to-processing-of-qemu-s-numa-option.patch
qcow2-fix-avail_sectors-in-cluster-allocation-code.patch
qcow2-fix-refcount-table-size-calculation.patch
tap-reset-vnet-header-size-on-open.patch
vmdk-fix-data-corruption-bug-in-WRITE-and-READ-handling.patch
uhci-don-t-queue-up-packets-after-one-with-the-SPD-flag-set.patch
usb-split-endpoint-init-and-reset.patch
virtio-net-fix-guest-triggerable-buffer-overrun-CVE-2014-0150.patch
x86-only-allow-real-mode-to-access-32bit-without-LMA.patch
fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch
ide-correct-improper-smart-self-test-counter-reset-CVE-2014-2894.patch
scsi-allocate-SCSITargetReq-r-buf-dynamically-CVE-2013-4344.patch
slirp-udp-fix-NULL-pointer-deref-uninit-socket-CVE-2014-3640.patch
spice-make-sure-we-don-t-overflow-ssd-buf-CVE-2014-3615.patch
vbe-rework-sanity-checks-CVE-2014-3615.patch

# #742730, http://bugs.debian.org/742730
image-format-validation/0001-block-cloop-validate-block_size-header-field-CVE-2014-0144.patch
image-format-validation/0002-block-cloop-prevent-offsets_size-integer-overflow-CVE-2014-0143.patch
image-format-validation/0003-block-cloop-refuse-images-with-huge-offsets-arrays-CVE-2014-0144.patch
image-format-validation/0004-block-cloop-refuse-images-with-bogus-offsets-CVE-2014-0144.patch
image-format-validation/0005-block-cloop-fix-offsets-size-off-by-one.patch
image-format-validation/0006-bochs-use-unsigned-variables-for-offsets-and-sizes-CVE-2014-0147.patch
image-format-validation/0007-bochs-check-catalog_size-header-field-CVE-2014-0143.patch
image-format-validation/0008-bochs-check-extent_size-header-field-CVE-2014-0142.patch
image-format-validation/0009-bochs-fix-bitmap-offset-calculation.patch
image-format-validation/0010-vpc-vhd-add-bounds-check-for-max_table_entries-and-block_size-CVE-2014-0144.patch
image-format-validation/0011-vpc-validate-block-size-CVE-2014-0142.patch
image-format-validation/0012-vdi-add-bounds-checks-for-blocks_in_image-and-disk_size-header-fields-CVE-2014-0144.patch
image-format-validation/0013-curl-check-data-size-before-memcpy-to-local-buffer-CVE-2014-0144.patch
image-format-validation/0014-qcow2-catch-some-L1-table-index-overflows.patch
image-format-validation/0015-qcow2-check-header_length-CVE-2014-0144.patch
image-format-validation/0016-qcow2-check-backing_file_offset-CVE-2014-0144.patch
image-format-validation/0017-qcow2-check-refcount-table-size-CVE-2014-0144.patch
image-format-validation/0018-qcow2-validate-refcount-table-offset.patch
image-format-validation/0019-qcow2-validate-snapshot-table-offset-size-CVE-2014-0144.patch
image-format-validation/0020-qcow2-validate-active-L1-table-offset-and-size-CVE-2014-0144.patch
image-format-validation/0021-qcow2-fix-backing-file-name-length-check.patch
image-format-validation/0022-qcow2-avoid-integer-overflow-in-get_refcount-CVE-2014-0143.patch
image-format-validation/0023-qcow2-don-t-rely-on-free_cluster_index-in-alloc_refccount_block-CVE-2014-0147.patch
image-format-validation/0024-qcow2-check-new-refcount-table-size-on-growth.patch
image-format-validation/0025-qcow2-preserve-free_byte_offset-when-qcow2_alloc_bytes_fails.patch
image-format-validation/0026-qcow2-fix-types-in-qcow2_alloc_clusters-and-alloc_clusters_noref.patch
image-format-validation/0027-qcow2-fix-new-L1-table-size-check-CVE-2014-0143.patch
image-format-validation/0028-dmg-sanitize-chunk-length-and-sectorcount-CVE-2014-0145.patch
image-format-validation/0029-dmg-prevent-chunk-buffer-overflow-CVE-2014-0145.patch
image-format-validation/0030-block-limit-request-size-CVE-2014-0143.patch
image-format-validation/0031-qcow2-fix-NULL-dereference-in-qcow2_open-error-path-CVE-2014-0146.patch
image-format-validation/0032-qcow2-fix-L1-allocation-size-in-qcow2_snapshot_load_tmp-CVE-2014-0145.patch
image-format-validation/0033-qcow2-check-maximum-L1-size-in-qcow2_snapshot_load_tmp-CVE-2014-0143.patch
image-format-validation/0034-parallels-fix-catalog-size-integer-overflow-CVE-2014-0143.patch
image-format-validation/0035-parallels-sanity-check-for-s-tracks-CVE-2014-0142.patch
image-format-validation/0036-qcow1-make-padding-in-the-header-explicit.patch
image-format-validation/0037-qcow1-check-maximum-cluster-size.patch
image-format-validation/0038-qcow1-validate-L2-table-size-CVE-2014-0222.patch
image-format-validation/0039-qcow1-validate-image-size-CVE-2014-0223.patch
image-format-validation/0040-qcow1-stricter-backing-file-length-check.patch

# 5 patches to fix CVE-2014-3689 from upstream, #765496
CVE-2014-3689-vmware-vga/1-CVE-2014-3689-turn-off-hw-accel.patch
CVE-2014-3689-vmware-vga/2-add-vmsvga_verify_rect.patch
CVE-2014-3689-vmware-vga/3-use-vmsvga_verify_rect-in-vmsvga_update_rect.patch
CVE-2014-3689-vmware-vga/4-use-vmsvga_verify_rect-in-vmsvga_copy_rect.patch
CVE-2014-3689-vmware-vga/5-use-vmsvga_verify_rect-in-vmsvga_fill_rect.patch

vnc-sanitize-bits_per_pixel-from-the-client-CVE-2014-7815.patch

cirrus-fix-blit-region-check-CVE-2014-8106.patch
cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf-CVE-2014-8106.patch
fdc-force-the-fifo-access-to-be-in-bounds-CVE-2015-3456.patch
