SUSE-SU-2015:0357-1

* Fix NULL pointer dereference because of uninitialized UDP socket. (bsc#897654, CVE-2014-3640) * Fix performance degradation after migration. (bsc#878350) * Fix potential image corruption due to missing FIEMAP_FLAG_SYNC flag in FS_IOC_FIEMAP ioctl. (bsc#908381) * Add validate hex properties for qdev. (bsc#852397) * Add boot option to do strict boot (bsc#900084) * Add query-command-line-options QMP command. (bsc#899144) * Fix incorrect return value of migrate_cancel. (bsc#843074) * Fix insufficient parameter validation during ram load. (bsc#905097, CVE-2014-7840) * Fix insufficient blit region checks in qemu/cirrus. (bsc#907805, CVE-2014-8106)

* Fix security hole with migratable flag in dumpxml. (bsc#904176, CVE-2014-7823) * Fix domain deadlock. (bsc#899484, CVE-2014-3657) * Use correct definition when looking up disk in qemu blkiotune. (bsc#897783, CVE-2014-3633) * Fix undefined symbol when starting virtlockd. (bsc#910145) * Add '-boot strict' to qemu's commandline whenever possible. (bsc#900084) * Add support for 'reboot-timeout' in qemu. (bsc#899144) * Increase QEMU's monitor timeout to 30sec. (bsc#911742) * Allow setting QEMU's migration max downtime any time. (bsc#879665)

* CVE-2014-7823 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823> * CVE-2014-3657 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657> * CVE-2014-3633 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633> * CVE-2014-3640 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640> * CVE-2014-7840 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840> * CVE-2014-8106 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106>