qemu-3.0.1-4.fc29
CVE-2019-12155: qxl: null pointer dereference while releasing spice resources (bz #1712727, bz #1712670)
CVE-2019-5008: NULL pointer dereference in hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz #1705915)
CVE-2018-20815: device_tree: heap buffer overflow while loading device tree blob (bz #1693117, bz #1693101)