On Tue, Mar 28, 2017 at 04:06:37AM -0400, Leo Famulari wrote:
> Fixes CVE-2016-9602 and CVE-2017-{5857,5973,5987,6058,6505}.
> 
> * gnu/packages/qemu.scm (qemu): Update to 2.9.0-rc1.
> [source]: Remove obsolete patches.
> * gnu/packages/patches/qemu-CVE-2016-10155.patch,
> gnu/packages/patches/qemu-CVE-2017-2615.patch,
> gnu/packages/patches/qemu-CVE-2017-2620.patch,
> gnu/packages/patches/qemu-CVE-2017-2630.patch,
> gnu/packages/patches/qemu-CVE-2017-5525.patch,
> gnu/packages/patches/qemu-CVE-2017-5526.patch,
> gnu/packages/patches/qemu-CVE-2017-5552.patch,
> gnu/packages/patches/qemu-CVE-2017-5578.patch,
> gnu/packages/patches/qemu-CVE-2017-5579.patch,
> gnu/packages/patches/qemu-CVE-2017-5667.patch,
> gnu/packages/patches/qemu-CVE-2017-5856.patch,
> gnu/packages/patches/qemu-CVE-2017-5898.patch,
> gnu/packages/patches/qemu-CVE-2017-5931.patch: Delete files.
> * gnu/local.mk (dist_patch_DATA): Remove them.

Here's an updated version of this patchset, for your reference.