This update for qemu fixes the following issues: These security issues were fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS . - CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented datagrams . With this release the mitigations for Spectre v4 are moved the the patches from upstream . This feature was added: - Add support for block resize support for disks through the monitor .