Resolved Bugs
1169369 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings
1169750 – CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [fedora-all]<br
An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

Resolved Bugs
1169369 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings
1169371 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings [fedora-all]<br
Security fix for CVE-2014-9130

Resolved Bugs
1169369 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings
1169371 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings [fedora-all]<br
Security fix for CVE-2014-9130

Resolved Bugs
1163080 – CVE-2014-7840 qemu: insufficient parameter validation during ram load [fedora-all]
1163075 – CVE-2014-7840 qemu: insufficient parameter validation during ram load<br
* Fix SLES11 migration issue (bz #1109427)
* CVE-2014-7840: insufficient parameter validation during ram load (bz #1163080)

Fix for CVE-2014-8104.
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b

Resolved Bugs
1167249 – qemu-img disk corruption
1109427 – SLES 11 SP2 guest crashes during live migration
1163080 – CVE-2014-7840 qemu: insufficient parameter validation during ram load [fedora-all]
1163075 – CVE-2014-7840 qemu: insufficient parameter validation during ram load<br
* Fix qemu-img convert corruption for unflushed files (bz #1167249)
* Fix SLES11 migration issue (bz #1109427)
* CVE-2014-7840: insufficient parameter validation during ram load (bz #1163080)

Resolved Bugs
1169369 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings
1169371 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings [fedora-all]<br
Security fix for CVE-2014-9130

Resolved Bugs
1166041 – CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option
1166767 – CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]<br
* Fix CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option (rhbz #1166767)

Resolved Bugs
1168485 – CVE-2014-9114 util-linux: command injection flaw in blkid
1168490 – CVE-2014-9114 util-linux: command injection flaw in blkid [fedora-all]<br
Security fix for CVE-2014-9114

Resolved Bugs
1166461 – migrate –debug option can lead to Segmentation fault (core dumped)<br
Excessive checking in compatibility mode hypercall argument translation,
Insufficient bounding of “REP MOVS” to MMIO emulated inside the hypervisor,
fix segfaults and failures in xl migrate –debug