# upstream 2.1.2 stable patch
v2.1.2.diff

02_kfreebsd.patch
use-fixed-data-path.patch
use-data-path.patch
mjt-set-oem-in-rsdt-like-slic.diff
imx_timer_TIMER_MAX_clash.diff
9p-readdir.patch
9p-use-little-endian-format-for-xattr-values.patch
qemu-options-add-missing--drive-discard-option-to-cmdline-help.diff
# 5 patches to fix CVE-2014-3689 from upstream, #765496
CVE-2014-3689-vmware-vga/1-CVE-2014-3689-turn-off-hw-accel.patch
CVE-2014-3689-vmware-vga/2-add-vmsvga_verify_rect.patch
CVE-2014-3689-vmware-vga/3-use-vmsvga_verify_rect-in-vmsvga_update_rect.patch
CVE-2014-3689-vmware-vga/4-use-vmsvga_verify_rect-in-vmsvga_copy_rect.patch
CVE-2014-3689-vmware-vga/5-use-vmsvga_verify_rect-in-vmsvga_fill_rect.patch

vnc-sanitize-bits_per_pixel-from-the-client-CVE-2014-7815.patch

net-slirp-specify-logbase-for-smbd.patch
slirp-smbd-modify-set-several-parameters-in-generated-smb-conf.patch

block-raw-posix-Fix-disk-corruption-in-try_fiemap.patch
block-raw-posix-use-seek_hole-ahead-of-fiemap.patch
tcg-mips-fix-store-softmmu-slow-path.patch
# CVE-2014-7840
migration-fix-parameter-validation-on-ram-load.patch
usb-host-fix-usb_host_speed_compat-tyops.patch
xen_disk-fix-unmapping-of-persistent-grants.patch
qdev-monitor-fix-segmentation-fault-on-qdev_device_h.patch

cirrus-fix-blit-region-check-CVE-2014-8106.patch
cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf-CVE-2014-8106.patch

CVE-2015-1779-incrementally-decode-websocket-frames.patch
CVE-2015-1779-limit-size-of-HTTP-headers-from-websockets-clients.patch
ide-correct-handling-of-malformed-short-PRDTs-CVE-2014-9718.patch
CVE-2015-2756-xen-limit-guest-control-of-PCI-command-register.patch
fdc-force-the-fifo-access-to-be-in-bounds-CVE-2015-3456.patch
slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
# Xen PCI pass-through issues CVE-2015-4103..4106 (XSA-128..131), #787547
xen-pt/01-xen-properly-gate-host-writes-of-modified-PCI-CFG-contents-CVE-2015-4103.patch
xen-pt/02-xen-dont-allow-guest-to-control-MSI-mask-register-CVE-2015-4104.patch
xen-pt/03-xen-MSI-X-limit-error-messages-CVE-2015-4105.patch
xen-pt/04-xen-MSI-dont-open-code-pass-through-of-enable-bit-mod-CVE-2015-4106.patch
xen-pt/05-xen-pt-consolidate-PM-capability-emu_mask-CVE-2015-4106.patch
xen-pt/06-xen-pt-correctly-handle-PM-status-bit-CVE-2015-4106.patch
xen-pt/07-xen-pt-split-out-calculation-of-throughable-mask-CVE-2015-4106.patch
xen-pt/08-xen-pt-mark-all-PCIe-capability-bits-read-only-CVE-2015-4106.patch
xen-pt/09-xen-pt-mark-reserved-bits-in-PCI-config-space-fields-CVE-2015-4106.patch
xen-pt/10-xen-pt-add-a-few-PCI-config-space-field-descriptions-CVE-2015-4106.patch
xen-pt/11-xen-pt-unknown-PCI-config-space-fields-should-be-readonly-CVE-2015-4106.patch
pcnet-fix-negative-array-index-read.patch
pcnet-force-buffer-access-to-be-in-bounds-CVE-2015-3209.patch

i8254-fix-out-of-bounds-memory-access-in-pit_ioport_read-CVE-2015-3214.patch
ide-check-array-bounds-before-writing-to-io_buffer-CVE-2015-5154.patch
ide-atapi-fix-START-STOP-UNIT-command-completion.patch
ide-clear-DRQ-after-handling-all-expected-accesses.patch
vnc-fix-memory-corruption-CVE-2015-5225.patch
virtio-serial-fix-ANY_LAYOUT-CVE-2015-5745.patch
rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-2015-5165.patch
rtl8139-drop-tautologous-if-ip-statement-CVE-2015-5165.patch
rtl8139-skip-offload-on-short-ethernet-IP-header-CVE-2015-5165.patch
rtl8139-check-IP-header-length-field-CVE-2015-5165.patch
rtl8139-check-IP-total-length-field-CVE-2015-5165.patch
rtl8139-skip-offload-on-short-TCP-header-CVE-2015-5165.patch
rtl8139-check-TCP-data-offset-field-CVE-2015-5165.patch
e1000-avoid-infinite-loop-in-transmit-CVE-2015-6815.patch
ide-fix-ATAPI-command-permissions-CVE-2015-6855.patch
ne2000-add-checks-to-validate-ring-buffer-pointers-CVE-2015-5279.patch
ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch

virtio-introduce-virtqueue_unmap_sg-for-CVE-2015-7295.patch
virtio-introduce-virtqueue_discard-for-CVE-2015-7295.patch
virtio-net-correctly-drop-truncated-packets-CVE-2015-7295.patch
pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch
pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch
msix-implement-pba-write-but-read-only-CVE-2015-7549.patch
eepro100-prevent-two-endless-loops-CVE-2015-8345.patch
vnc-avoid-floating-point-exception-CVE-2015-8504.patch
ehci-make-idt-processing-more-robust-CVE-2015-8558.patch
xenfb-avoid-reading-twice-the-same-fields-from-the-shared-page-CVE-2015-8550.patch
xen-blkif-avoid-double-access-to-src-nr_segments-CVE-2015-8550.patch
net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch
ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch
net-vmxnet3-avoid-memory-leakage-in-activate_device-CVE-2015-8567-CVE-2015-8568.patch
scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch
vmxnet3-refine-l2-header-validation-CVE-2015-8744.patch
vmxnet3-support-reading-IMR-registers-on-bar0-CVE-2015-8745.patch
fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch
i386-avoid-null-pointer-dereference-CVE-2016-1922.patch
e1000-eliminate-infinite-loops-on-out-of-bounds-start-CVE-2016-1981.patch
hmp-fix-sendkey-out-of-bounds-write-CVE-2015-8619.patch

# CVE-2016-3710
vga-fix-banked-access-bounds-checking-CVE-2016-3710.patch

# CVE-2016-3712
vga-add-vbe_enabled-helper.patch
vga-factor-out-vga-register-setup.patch
vga-update-vga-register-setup-on-vbe-changes.patch
vga-make-sure-vga-register-setup-for-vbe-stays-intac.patch

CVE-2015-8666.patch
CVE-2016-2198-usb-ehci-add-capability-mmio-write-function.patch
CVE-2016-6833-vmxnet3-check-for-device_active-before-write.patch
CVE-2016-6835-net-vmxnet-check-IP-header-length.patch
CVE-2016-8576-fix-infinite-loop.patch
CVE-2016-8667.patch
CVE-2016-8669.patch
CVE-2016-9602-1.patch
CVE-2016-9602-2.patch
CVE-2016-9602-3.patch
CVE-2016-9602-4.patch
CVE-2016-9602-5.patch
CVE-2016-9602-6.patch
CVE-2016-9602-7.patch
CVE-2016-9602-8.patch
CVE-2016-9602-9.patch
CVE-2016-9602-10.patch
CVE-2016-9602-11.patch
CVE-2016-9602-12.patch
CVE-2016-9602-13.patch
CVE-2016-9602-14.patch
CVE-2016-9602-15.patch
CVE-2016-9602-16.patch
CVE-2016-9602-17.patch
CVE-2016-9602-18.patch
CVE-2016-9602-19.patch
CVE-2016-9602-20.patch
CVE-2016-9602-21.patch
CVE-2016-9602-22.patch
CVE-2016-9602-23.patch
CVE-2016-9602-24.patch
CVE-2016-9602-25.patch
CVE-2016-9602-26.patch
CVE-2016-9602-27.patch
CVE-2016-9602-28.patch
CVE-2016-9602-29.patch
CVE-2016-9602-pre.patch
CVE-2016-9603-cirrus-vnc-zap-bitblit-support-from-console-code.patch
#display-cirrus-ignore-source-pitch-value-as-needed-in-bli.patch
CVE-2017-7471.patch
CVE-2016-9776.patch
CVE-2016-9907.patch
CVE-2016-9911.patch
CVE-2016-9914-1.patch
CVE-2016-9914-2.patch
CVE-2016-9915.patch
CVE-2016-9916.patch
CVE-2016-9921-9922.patch
CVE-2016-10155.patch
CVE-2017-2620-pre.patch
CVE-2017-2620-cirrus-add-blit_is_unsafe-call-to-cirrus_bi.patch
0001-cirrus-fix-oob-access-issue-CVE-2017-2615.patch
CVE-2017-5525.patch
CVE-2017-5526.patch
CVE-2017-5579.patch
CVE-2017-5667.patch
CVE-2017-5715-1.patch
CVE-2017-5715-2.patch
CVE-2017-5715-3pre1.patch
CVE-2017-5715-3.patch
CVE-2017-5715-4.patch
CVE-2017-5715-5.patch
CVE-2017-5856.patch
CVE-2017-5987-1.patch
CVE-2017-5987-2.patch
CVE-2017-5987-3.patch
CVE-2017-5987-4.patch
CVE-2017-5973.patch
CVE-2017-6505.patch
CVE-2017-7377.patch
CVE-2017-7493.patch
CVE-2017-7718.patch
CVE-2017-7980-1-CVE-2017-18030.patch
CVE-2017-7980-2.patch
CVE-2017-7980-3.patch
CVE-2017-7980-4.patch
CVE-2017-7980-5.patch
CVE-2017-7980-6.patch
CVE-2017-7980-7.patch
CVE-2017-8086.patch
CVE-2017-8112.patch
CVE-2017-8309-audio-release-capture-buffers.patch
CVE-2017-8379-1.patch
CVE-2017-8379-2.patch
CVE-2017-9330.patch
CVE-2017-9373-1.patch
CVE-2017-9373-2.patch
CVE-2017-9374.patch
CVE-2017-9503-pre1.patch
CVE-2017-9503-1.patch
CVE-2017-9503-2.patch
CVE-2017-9503-3.patch
CVE-2017-9503-4.patch
CVE-2017-9503-5.patch
CVE-2017-9503-6.patch
CVE-2017-9503-7.patch
CVE-2017-10806.patch
xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch
CVE-2017-11434-slirp-check-len-against-dhcp-options-array.patch
CVE-2017-14167-multiboot-validate-multiboot-header-addres.patch
CVE-2017-15038-9pfs-use-g_malloc0-to-allocate-space-for-x.patch
CVE-2017-15289.patch
CVE-2017-16845.patch
CVE-2017-18043.patch
CVE-2018-5683.patch
CVE-2018-7550.patch
CVE-2016-2391.patch
CVE-2016-2392.patch
CVE-2016-2538.patch
CVE-2016-2841.patch
CVE-2016-2857.patch
CVE-2016-2858.patch
CVE-2016-4001.patch
CVE-2016-4002.patch
CVE-2016-4020.patch
CVE-2016-4037.patch
CVE-2016-4439.patch
CVE-2016-4441.patch
CVE-2016-4453.patch
CVE-2016-4454.patch
CVE-2016-4952.patch
CVE-2016-5105.patch
CVE-2016-5106.patch
CVE-2016-5107.patch
CVE-2016-5238.patch
CVE-2016-5337.patch
CVE-2016-5338.patch
CVE-2016-6351.patch
CVE-2016-6834.patch
CVE-2016-6836.patch
CVE-2016-6888.patch
CVE-2016-7116-1.patch
CVE-2016-7116-2.patch
CVE-2016-7116-3.patch
CVE-2016-7116-4.patch
CVE-2016-7155.patch
CVE-2016-7156.patch
CVE-2016-7161.patch
CVE-2016-7170.patch
CVE-2016-7421.patch
CVE-2016-7908.patch
CVE-2016-7909.patch
CVE-2016-8577.patch
CVE-2016-8578.patch
CVE-2016-8909.patch
CVE-2016-8910.patch
CVE-2016-9101.patch
CVE-2016-9103.patch
CVE-2016-9102.patch
CVE-2016-9104.patch
CVE-2016-9105.patch
CVE-2016-9106.patch
CVE-2017-10664-Ignore-SIGPIPE.patch
CVE-2018-10839.patch
CVE-2018-17962.patch
CVE-2018-17963.patch

CVE-2018-19489.patch
CVE-2018-19364.patch
CVE-2018-17958.patch
CVE-2019-6778.patch
CVE-2018-16872.patch
CVE-2018-12617.patch

add_load_image_size.patch
CVE-2018-20815.patch

CVE-2019-9824.patch
CVE-2018-11806.patch
CVE-2018-18849.patch
CVE-2017-9375-1.patch
CVE-2017-9375-2.patch
CVE-2019-12155.patch
CVE-2016-5403.patch
CVE-2016-5403-2.patch
CVE-2016-5403-3.patch
CVE-2016-5403-4.patch
CVE-2016-5403-5.patch
CVE-2016-5403-6.patch

CVE-2016-5126.patch
CVE-2015-8818.patch
CVE-2019-12068.patch
CVE-2019-13164.patch
CVE-2019-14378.patch
CVE-2019-15890.patch
CVE-2020-7039.patch
CVE-2020-1711.patch
CVE-2020-8608-1.patch
CVE-2020-8608-2.patch
