x86 CMPXCHG8B emulation fails to ignore operand size override [XSA-200,
CVE-2016-9932] (#1404262)

—-

ARM guests may induce host asynchronous abort [XSA-201, CVE-2016-9815,
CVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747)
qemu: Divide by zero vulnerability in cirrus_do_copy (#1399055)
[CVE-2016-9921, CVE-2016-9922]
Qemu: 9pfs: memory leakage via proxy/handle callbacks (#1402278)
qemu ioport array overflow [XSA-199, CVE-2016-9637]