Re: [qubes-users] Qubes OS 4.2.0 has been released!
I'm gonna make it a fun day project to upgrade my Qubes system. Long live Qubes!! On Mon, Dec 18, 2023 at 7:13 PM Andrew David Wong wrote: > Dear Qubes Community, > > Qubes OS 4.2.0 brings a host of new features, major improvements, and > numerous bug fixes. The ISO and associated [verification files]( > https://www.qubes-os.org/security/verifying-signatures/) are available on > the [downloads](https://www.qubes-os.org/downloads/) page. > > ## What's new in Qubes OS 4.2.0? > > - Dom0 upgraded to Fedora 37 ([#6982]( > https://github.com/QubesOS/qubes-issues/issues/6982)) > - Xen upgraded to version 4.17 > - Default Debian template upgraded to Debian 12 > - Default Fedora and Debian templates use Xfce instead of GNOME ([#7784]( > https://github.com/QubesOS/qubes-issues/issues/7784)) > - SELinux support in Fedora templates ([#4239]( > https://github.com/QubesOS/qubes-issues/issues/4239)) > - Several GUI applications rewritten, including: > - Applications Menu (also available as preview in R4.1) ([#6665]( > https://github.com/QubesOS/qubes-issues/issues/6665)), ([#5677]( > https://github.com/QubesOS/qubes-issues/issues/5677)) > - Qubes Global Settings ([#6898]( > https://github.com/QubesOS/qubes-issues/issues/6898)) > - Create New Qube > - Qubes Update ([#7443]( > https://github.com/QubesOS/qubes-issues/issues/7443)) > - Unified `grub.cfg` location for both UEFI and legacy boot ([#7985]( > https://github.com/QubesOS/qubes-issues/issues/7985)) > - PipeWire support ([#6358]( > https://github.com/QubesOS/qubes-issues/issues/6358)) > - fwupd integration for firmware updates ([#4855]( > https://github.com/QubesOS/qubes-issues/issues/4855)) > - Optional automatic clipboard clearing ([#3415]( > https://github.com/QubesOS/qubes-issues/issues/3415)) > - Official packages built using Qubes Builder v2 ([#6486]( > https://github.com/QubesOS/qubes-issues/issues/6486)) > - Split GPG management in Qubes Global Settings > - Qrexec services use new qrexec policy format by default (but old format > is still supported) ([#8000]( > https://github.com/QubesOS/qubes-issues/issues/8000)) > > For further details, see the [Qubes 4.2 release notes]( > https://www.qubes-os.org/doc/releases/4.2/release-notes/) and the [full > list of issues completed for Qubes 4.2]( > https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aclosed+reason%3Acompleted+milestone%3A%22Release+4.2%22+-label%3A%22R%3A+cannot+reproduce%22+-label%3A%22R%3A+declined%22+-label%3A%22R%3A+duplicate%22+-label%3A%22R%3A+not+applicable%22+-label%3A%22R%3A+self-closed%22+-label%3A%22R%3A+upstream+issue%22+ > ). > > ## Known issues in Qubes OS 4.2.0 > > DomU firewalls have completely switched to nftables. Users should add > their custom rules to the `custom-input` and `custom-forward` chains. (For > more information, see issues [#5031]( > https://github.com/QubesOS/qubes-issues/issues/5031) and [#6062]( > https://github.com/QubesOS/qubes-issues/issues/6062).) > > Also see the [full list of open bug reports affecting Qubes 4.2]( > https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+label%3Aaffects-4.2+label%3A%22T%3A+bug%22+is%3Aopen > ). > > We strongly recommend [updating Qubes OS]( > https://www.qubes-os.org/doc/how-to-update/) immediately after > installation in order to apply all available bug fixes. > > ## How to get Qubes OS 4.2.0 > > - If you don't have Qubes OS installed, or if you're currently on Qubes > 4.0 or earlier, follow the [installation guide]( > https://www.qubes-os.org/doc/installation-guide/). > - If you're currently on Qubes 4.1, learn [how to upgrade to Qubes 4.2]( > https://www.qubes-os.org/doc/upgrade/4.2/). > - If you're currently on a Qubes 4.2 release candidate (RC), [update > normally](https://www.qubes-os.org/doc/how-to-update/). > > In all cases, we strongly recommend [making a full backup]( > https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/) > beforehand. > > ## Reminder: new release signing key for Qubes 4.2 > > As a reminder, we published the following special announcement in [Qubes > Canary 032](https://www.qubes-os.org/news/2022/09/14/canary-032/) on > 2022-09-14: > > > We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. > Normally, we have only one RSK for each major release. However, for the 4.2 > release, we will be using Qubes Builder version 2, which is a complete > rewrite of the Qubes Builder. Out of an abundance of caution, we would like > to isolate the build processes of the current stable 4.1 release and the > upcoming 4.2 release from each other at the cryptographic level in order to > minimize the risk of a vulnerability in one affecting the other. We are > including this notice as a canary special announcement since introducing a > new RSK for a minor release is an exception to our usual RSK management > policy. > > As always, we encourage you to [authenticate]( > https://www.qubes-os.org/security/pack/#how-to-obtain-and-authenticate) > this canary by [verifying
[qubes-users] Qubes OS 4.2.0 has been released!
Dear Qubes Community, Qubes OS 4.2.0 brings a host of new features, major improvements, and numerous bug fixes. The ISO and associated [verification files](https://www.qubes-os.org/security/verifying-signatures/) are available on the [downloads](https://www.qubes-os.org/downloads/) page. ## What's new in Qubes OS 4.2.0? - Dom0 upgraded to Fedora 37 ([#6982](https://github.com/QubesOS/qubes-issues/issues/6982)) - Xen upgraded to version 4.17 - Default Debian template upgraded to Debian 12 - Default Fedora and Debian templates use Xfce instead of GNOME ([#7784](https://github.com/QubesOS/qubes-issues/issues/7784)) - SELinux support in Fedora templates ([#4239](https://github.com/QubesOS/qubes-issues/issues/4239)) - Several GUI applications rewritten, including: - Applications Menu (also available as preview in R4.1) ([#6665](https://github.com/QubesOS/qubes-issues/issues/6665)), ([#5677](https://github.com/QubesOS/qubes-issues/issues/5677)) - Qubes Global Settings ([#6898](https://github.com/QubesOS/qubes-issues/issues/6898)) - Create New Qube - Qubes Update ([#7443](https://github.com/QubesOS/qubes-issues/issues/7443)) - Unified `grub.cfg` location for both UEFI and legacy boot ([#7985](https://github.com/QubesOS/qubes-issues/issues/7985)) - PipeWire support ([#6358](https://github.com/QubesOS/qubes-issues/issues/6358)) - fwupd integration for firmware updates ([#4855](https://github.com/QubesOS/qubes-issues/issues/4855)) - Optional automatic clipboard clearing ([#3415](https://github.com/QubesOS/qubes-issues/issues/3415)) - Official packages built using Qubes Builder v2 ([#6486](https://github.com/QubesOS/qubes-issues/issues/6486)) - Split GPG management in Qubes Global Settings - Qrexec services use new qrexec policy format by default (but old format is still supported) ([#8000](https://github.com/QubesOS/qubes-issues/issues/8000)) For further details, see the [Qubes 4.2 release notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/) and the [full list of issues completed for Qubes 4.2](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aclosed+reason%3Acompleted+milestone%3A%22Release+4.2%22+-label%3A%22R%3A+cannot+reproduce%22+-label%3A%22R%3A+declined%22+-label%3A%22R%3A+duplicate%22+-label%3A%22R%3A+not+applicable%22+-label%3A%22R%3A+self-closed%22+-label%3A%22R%3A+upstream+issue%22+). ## Known issues in Qubes OS 4.2.0 DomU firewalls have completely switched to nftables. Users should add their custom rules to the `custom-input` and `custom-forward` chains. (For more information, see issues [#5031](https://github.com/QubesOS/qubes-issues/issues/5031) and [#6062](https://github.com/QubesOS/qubes-issues/issues/6062).) Also see the [full list of open bug reports affecting Qubes 4.2](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+label%3Aaffects-4.2+label%3A%22T%3A+bug%22+is%3Aopen). We strongly recommend [updating Qubes OS](https://www.qubes-os.org/doc/how-to-update/) immediately after installation in order to apply all available bug fixes. ## How to get Qubes OS 4.2.0 - If you don't have Qubes OS installed, or if you're currently on Qubes 4.0 or earlier, follow the [installation guide](https://www.qubes-os.org/doc/installation-guide/). - If you're currently on Qubes 4.1, learn [how to upgrade to Qubes 4.2](https://www.qubes-os.org/doc/upgrade/4.2/). - If you're currently on a Qubes 4.2 release candidate (RC), [update normally](https://www.qubes-os.org/doc/how-to-update/). In all cases, we strongly recommend [making a full backup](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/) beforehand. ## Reminder: new release signing key for Qubes 4.2 As a reminder, we published the following special announcement in [Qubes Canary 032](https://www.qubes-os.org/news/2022/09/14/canary-032/) on 2022-09-14: > We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. Normally, > we have only one RSK for each major release. However, for the 4.2 release, we > will be using Qubes Builder version 2, which is a complete rewrite of the > Qubes Builder. Out of an abundance of caution, we would like to isolate the > build processes of the current stable 4.1 release and the upcoming 4.2 > release from each other at the cryptographic level in order to minimize the > risk of a vulnerability in one affecting the other. We are including this > notice as a canary special announcement since introducing a new RSK for a > minor release is an exception to our usual RSK management policy. As always, we encourage you to [authenticate](https://www.qubes-os.org/security/pack/#how-to-obtain-and-authenticate) this canary by [verifying its PGP signatures](https://www.qubes-os.org/security/verifying-signatures/). Specific instructions are also included in the [canary announcement](https://www.qubes-os.org/news/2022/09/14/canary-032/). As with all Qubes signing keys, we also encourage you to