[qubes-devel] QSB-104: GUI-related security bugs

2024-07-30 Thread Andrew David Wong
ubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak

[qubes-devel] XSAs released on 2024-07-16

2024-07-16 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of Qubes

[qubes-devel] QSB-103: Double unlock in x86 guest IRQ handling (XSA-458)

2024-07-16 Thread Andrew David Wong
orted gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation

[qubes-devel] Qubes OS 4.2.2 has been released!

2024-07-13 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce the stable release of Qubes OS 4.2.2! This patch release aims to consolidate all the security patches, bug fixes, and other updates that have occurred since the previous stable release. Our goal is to provide a secure and convenient way for users

[qubes-devel] Qubes OS 4.2.2-rc1 is available for testing

2024-06-27 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the first release candidate (RC) for Qubes OS 4.2.2 is now available for testing. This patch release aims to consolidate all the security patches, bug fixes, and other updates that have occurred since the previous stable release. Our goal is

[qubes-devel] Qubes OS 4.1 has reached end-of-life; extended security support continues until 2024-07-31

2024-06-18 Thread Andrew David Wong
Dear Qubes Community, As [previously announced](https://www.qubes-os.org/news/2024/03/26/qubes-os-4-1-reaches-eol-on-2024-06-18/), the Qubes OS 4.1 release series has officially reached end-of-life (EOL) as of today, 2024-06-18. However, Qubes OS 4.1 [will continue to receive extended

[qubes-devel] Qubes Canary 039

2024-06-13 Thread Andrew David Wong
93C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes

[qubes-devel] Fedora 40 templates available

2024-06-12 Thread Andrew David Wong
Dear Qubes Community, New Fedora 40 templates are now available for Qubes OS 4.2 in standard, [minimal](https://www.qubes-os.org/doc/templates/minimal/), and [Xfce](https://www.qubes-os.org/doc/templates/xfce/) varieties. There are two ways to upgrade a template to a new Fedora release: -

[qubes-devel] Debian 11 (Bullseye) approaching EOL

2024-05-22 Thread Andrew David Wong
Dear Qubes Community, The Debian Project currently [estimates](https://wiki.debian.org/DebianReleases) that Debian 11 (Bullseye) will reach EOL (end-of-life) sometime around July 2024 (approximately two months from now). Please upgrade all of your Debian 11 templates and standalones to

[qubes-devel] Qubes OS 4.1 to receive extended security support until 2024-07-31

2024-05-10 Thread Andrew David Wong
Dear Qubes Community, Qubes OS 4.1 will reach official end-of-life (EOL) on 2024-06-18. After this date, Qubes OS 4.1 will continue to receive extended security support until 2024-07-31. This security support extension is sponsored by [Freedom of the Press Foundation

[qubes-devel] XSAs released on 2024-05-07

2024-05-08 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS is *not* affected. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of

Re: [qubes-devel] Qubes R4.2 EOL: No upgrade path for installations with Windows and QWT

2024-04-14 Thread Andrew David Wong
On 4/13/24 8:56 AM, jmake2 via qubes-devel wrote: > [...] > > So, am I getting it right that QWT is not deprecated? I was afraid for a > moment. As stated in the QSB, the developers are still working on QWT, so it is not deprecated. > As it was discussed previously, the QWT package can be

Re: [qubes-devel] Qubes R4.2 EOL: No upgrade path for installations with Windows and QWT

2024-04-13 Thread Andrew David Wong
On 4/13/24 8:15 AM, jmake2 via qubes-devel wrote: > Apr 13, 2024, 06:46 by a...@qubes-os.org: > >> On 4/12/24 4:50 AM, Gerhard Weck wrote: >> >>> [...] >>> >>> - Things may look different, if an attacker could, via the Xen PV drivers, >>> break out of a Windows VM with QWT and compromise Xen,

Re: [qubes-devel] Qubes R4.2 EOL: No upgrade path for installations with Windows and QWT

2024-04-13 Thread Andrew David Wong
On 4/12/24 4:50 AM, Gerhard Weck wrote: > [...] > > - Things may look different, if an attacker could, via the Xen PV drivers, > break out of a Windows VM with QWT and compromise Xen, and therefore Qubes > itself. In this case, usage of a Windows VM with the insecure QWT may be > too risky in

[qubes-devel] XSAs released on 2024-04-09

2024-04-10 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of Qubes

[qubes-devel] QSB-102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/SRSO (XSA-455, XSA-456)

2024-04-10 Thread Andrew David Wong
S signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website &

[qubes-devel] Qubes OS 4.1 reaches EOL on 2024-06-18

2024-03-26 Thread Andrew David Wong
Dear Qubes Community, Qubes OS 4.1 is scheduled to reach end-of-life (EOL) on 2024-06-18, approximately three months from the date of this announcement. ## Recommended actions If you're already using Qubes 4.2, then you don't have to do anything. This announcement doesn't affect you. If

[qubes-devel] Qubes OS 4.2.1 has been released!

2024-03-26 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce the stable release of Qubes OS 4.2.1! This [patch release](#what-is-a-patch-release) aims to consolidate all the security patches, bug fixes, and other updates that have occurred since the release of Qubes 4.2.0. Our goal is to provide a secure

[qubes-devel] Update for QSB-101: Register File Data Sampling (XSA-452) and Intel Processor Return Predictions Advisory (INTEL-SA-00982)

2024-03-25 Thread Andrew David Wong
" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Docume

[qubes-devel] Update for QSB-101: Register File Data Sampling (XSA-452) and Intel Processor Return Predictions Advisory (INTEL-SA-00982)

2024-03-18 Thread Andrew David Wong
"HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Document

[qubes-devel] Qubes OS 4.2.1-rc1 is available for testing

2024-03-16 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the first [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.1 is now available for [testing](https://www.qubes-os.org/doc/testing/). This [patch release](#what-is-a-patch-release) aims to consolidate all the security

[qubes-devel] Qubes OS Summit 2024: September 20-22 in Berlin

2024-03-13 Thread Andrew David Wong
Dear Qubes Community, In conjunction with [3mdeb](https://3mdeb.com/), the sixth edition of our Qubes OS Summit will be held live this year from September 20 to 22 in Berlin, Germany! For more information about this event, please see: If

[qubes-devel] XSAs released on 2024-03-12

2024-03-13 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of Qubes

[qubes-devel] QSB-101: Register File Data Sampling (XSA-452)

2024-03-13 Thread Andrew David Wong
"HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Do

[qubes-devel] Qubes Canary 038

2024-03-11 Thread Andrew David Wong
gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key A

[qubes-devel] Qubes-certified NovaCustom NV41 Series laptop now available with Heads firmware

2024-03-03 Thread Andrew David Wong
Dear Qubes Community, Last year, we [announced](https://www.qubes-os.org/news/2023/05/03/novacustom-nv41-series-qubes-certified/) that the [NovaCustom NV41 Series](https://novacustom.com/product/nv41-series/) became a [Qubes-certified computer](https://www.qubes-os.org/doc/certified-hardware)

[qubes-devel] XSAs released on 2024-02-27

2024-02-27 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of

[qubes-devel] Re: Fedora 39 templates available; Fedora 38 approaching EOL

2024-02-14 Thread Andrew David Wong
On 2/13/24 4:17 AM, Andrew David Wong wrote: > Dear Qubes Community, > > New Fedora 39 templates are now available in standard, > [minimal](https://www.qubes-os.org/doc/templates/minimal/), and > [Xfce](https://www.qubes-os.org/doc/templates/xfce/) varieties. In additio

[qubes-devel] Fedora 39 templates available; Fedora 38 approaching EOL

2024-02-13 Thread Andrew David Wong
Dear Qubes Community, New Fedora 39 templates are now available in standard, [minimal](https://www.qubes-os.org/doc/templates/minimal/), and [Xfce](https://www.qubes-os.org/doc/templates/xfce/) varieties. In addition, Fedora 38 is currently

[qubes-devel] Whonix 17 templates available for Qubes OS 4.1

2024-02-05 Thread Andrew David Wong
Dear Qubes Community, Until now, Whonix 17 has been available only on Qubes OS 4.2. Since [Whonix 16 reached EOL (end-of-life) on 2024-01-18](https://www.qubes-os.org/news/2023/12/22/whonix-16-approaching-eol/), this left users still on Qubes OS 4.1 without a supported way to use Whonix. In

[qubes-devel] XSAs released on 2024-01-30

2024-02-05 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of Qubes

[qubes-devel] XSAs released on 2024-01-22

2024-02-05 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of

[qubes-devel] QSB-099: Qrexec policy leak via policy.RegisterArgument service

2024-01-18 Thread Andrew David Wong
gning Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)"

[qubes-devel] The Star Labs StarBook is Qubes-certified!

2024-01-10 Thread Andrew David Wong
Dear Qubes Community, It is our pleasure to announce that the [Star Labs StarBook](https://starlabs.systems/pages/starbook) is [officially certified](https://www.qubes-os.org/doc/certified-hardware/) for Qubes OS Release 4! ## The Star Labs StarBook The [Star Labs

[qubes-devel] Whonix 16 approaching EOL

2023-12-22 Thread Andrew David Wong
Dear Qubes Community, Whonix 16 is currently [scheduled](https://www.whonix.org/wiki/About#Qubes_Hosts) to reach EOL (end-of-life) on 2024-01-18. We strongly recommend that all Whonix users upgrade to Whonix 17 before then. For more information, see [Upgrading to avoid

[qubes-devel] Qubes OS 4.2.0 has been released!

2023-12-18 Thread Andrew David Wong
Dear Qubes Community, Qubes OS 4.2.0 brings a host of new features, major improvements, and numerous bug fixes. The ISO and associated [verification files](https://www.qubes-os.org/security/verifying-signatures/) are available on the [downloads](https://www.qubes-os.org/downloads/) page. ##

[qubes-devel] QSB-098: CPU microcode updates not loaded with dom0 kernel version 6.6.x

2023-12-15 Thread Andrew David Wong
gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)"

[qubes-devel] XSAs released on 2023-12-12

2023-12-12 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of

[qubes-devel] Qubes Canary 037

2023-12-11 Thread Andrew David Wong
Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)

[qubes-devel] Qubes OS 4.2.0-rc5 is available for testing

2023-11-26 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the fifth [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). The ISO and associated [verification

[qubes-devel] QSB-097: "Reptar" Intel redundant prefix vulnerability

2023-11-15 Thread Andrew David Wong
imon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan N

[qubes-devel] XSAs released on 2023-11-14

2023-11-14 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected* by at least one of these XSAs. ## XSAs that DO affect the security of Qubes OS The following XSAs *do

[qubes-devel] QSB-096: BTC/SRSO fixes not fully effective (XSA-446)

2023-11-14 Thread Andrew David Wong
gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)"

[qubes-devel] Re: Changing the way we use milestones in the issue tracker

2023-10-31 Thread Andrew David Wong
On 8/8/23 11:06 PM, Andrew David Wong wrote: > ## Summary > > Issues will no longer be assigned to milestones by default. Most issues won't > have milestones. The Qubes developers will manually assign issues to > milestones. We'll use labels like "affects-4.1" and "

[qubes-devel] Qubes OS 4.2.0-rc4 is available for testing

2023-10-13 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the fourth [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). The ISO and associated [verification

[qubes-devel] Fedora 37 approaching EOL

2023-10-12 Thread Andrew David Wong
Dear Qubes Community, Fedora 37 is currently [scheduled](https://fedorapeople.org/groups/schedule/f-39/f-39-key-tasks.html) to reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2023-11-21. We strongly recommend that all users

[qubes-devel] XSAs released on 2023-10-10

2023-10-10 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-devel] QSB-095: Missing IOMMU TLB flushing on x86 AMD systems

2023-10-10 Thread Andrew David Wong
ecked due to a missing key gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key

[qubes-devel] XSAs released on 2023-09-25

2023-09-27 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-devel] XSAs released on 2023-09-20

2023-09-20 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] Tickets for Qubes OS Summit 2023 are now available!

2023-09-19 Thread Andrew David Wong
Dear Qubes Community, The following announcement is from 3mdeb: [![Tickets are available for Qubes OS Summit 2023](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023-tickets.png)](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023-tickets.png) We have options for

[qubes-devel] Qubes Canary 036

2023-09-13 Thread Andrew David Wong
" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing

[qubes-devel] Re: The NitroPC Pro is Qubes-certified!

2023-09-07 Thread Andrew David Wong
On 9/6/23 10:57 AM, Andrew David Wong wrote: > Dear Qubes Community, > > It is our pleasure to announce that the [NitroPC > Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523) is [officially > certified](https://www.qubes-os.org/doc/certified-hardware/) for Qubes

[qubes-devel] XSAs released on 2023-09-05

2023-09-05 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] Qubes OS 4.2.0-rc3 is available for testing

2023-09-03 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the third [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). The ISO and associated [verification

[qubes-devel] Qubes OS 4.2.0-rc2 is available for testing

2023-08-28 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the second [release candidate](#what-is-a-release-candidate) (RC) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). Qubes 4.2.0-rc2 is available on the [downloads](https://www.qubes-os.org/downloads/)

[qubes-devel] Re: Debian 12 templates available

2023-08-27 Thread Andrew David Wong
> [supported template releases] Link: https://www.qubes-os.org/doc/supported-releases/#templates -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-devel] Debian 12 templates available

2023-08-27 Thread Andrew David Wong
Dear Qubes Community, The following new templates are now available: *Qubes OS 4.1* - Debian 12 - Debian 12 [minimal](https://www.qubes-os.org/doc/templates/minimal/) *Qubes OS 4.2-rc1* - Debian 12 - Debian 12 [minimal](https://www.qubes-os.org/doc/templates/minimal/) - Debian 12

[qubes-devel] CORRECTION: Qubes OS Summit 2023: OCTOBER 6-8 in Berlin

2023-08-25 Thread Andrew David Wong
Dear Qubes Community, _My apologies for the incorrect subject line in my previous email. The correct month is OCTOBER, not September!_ In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes OS Summit will be held live this year from October 6 to 8 in Berlin, Germany!

[qubes-devel] Qubes OS Summit 2023: September 6-8 in Berlin

2023-08-25 Thread Andrew David Wong
Dear Qubes Community, In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes OS Summit will be held live this year from October 6 to 8 in Berlin, Germany! For more information about this event, including the CFP (which is open until October 2), please see:

Re: [qubes-devel] Changing the way we use milestones in the issue tracker

2023-08-10 Thread Andrew David Wong
On 8/10/23 3:45 AM, jma...@tutanota.com wrote: > Aug 10, 2023, 07:18 by a...@qubes-os.org: > >> On 8/9/23 8:22 AM, jmake2 via qubes-devel wrote: >> >>> [...] >>> Well, I see Marek's point. I agree, that if the problem happens to be >>> upstream it should be closed with not-our-bug or something.

Re: [qubes-devel] Changing the way we use milestones in the issue tracker

2023-08-10 Thread Andrew David Wong
On 8/9/23 8:22 AM, jmake2 via qubes-devel wrote: > [...] > Well, I see Marek's point. I agree, that if the problem happens to be > upstream it should be closed with not-our-bug or something. And it happens > this way now quite often. > But note that Qubes OS users search for their issue and it's

Re: [qubes-devel] Changing the way we use milestones in the issue tracker

2023-08-09 Thread Andrew David Wong
On 8/9/23 7:13 AM, Marek Marczykowski-Górecki wrote: > On Wed, Aug 09, 2023 at 03:36:03PM +0200, jmake2 via qubes-devel wrote: >> I think that the new tag/milestone system is way better and logical, well >> done. And arguments are quite convincing to me. > >> I would like to add an idea about

Re: [qubes-devel] Changing the way we use milestones in the issue tracker

2023-08-09 Thread Andrew David Wong
On 8/9/23 6:36 AM, jmake2 via qubes-devel wrote: > I think that the new tag/milestone system is way better and logical, well > done. And arguments are quite convincing to me. > > I would like to add an idea about official templates. We know that there are > bugs in the templates, including the

[qubes-devel] XSAs released on 2023-08-08

2023-08-09 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-devel] QSB-093: Transient execution vulnerabilities in AMD and Intel CPUs

2023-08-09 Thread Andrew David Wong
Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (

[qubes-devel] Changing the way we use milestones in the issue tracker

2023-08-09 Thread Andrew David Wong
## Summary Issues will no longer be assigned to milestones by default. Most issues won't have milestones. The Qubes developers will manually assign issues to milestones. We'll use labels like "affects-4.1" and "affects-4.2" to represent affected releases instead of milestones. The "Release

[qubes-devel] QSB-092: Buffer overrun in Linux netback driver (XSA-432)

2023-08-08 Thread Andrew David Wong
"HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentatio

[qubes-devel] Update for QSB-090: Zenbleed (CVE-2023-20593, XSA-433)

2023-08-02 Thread Andrew David Wong
key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "

[qubes-devel] XSAs released on 2023-08-01

2023-08-01 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] QSB-091: Windows PV drivers potentially compromised

2023-07-27 Thread Andrew David Wong
"Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan

[qubes-devel] XSAs released on 2023-07-24

2023-07-24 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-devel] QSB-090: Zenbleed (CVE-2023-20593, XSA-433)

2023-07-24 Thread Andrew David Wong
to a missing key gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A

Re: [qubes-devel] Reconsider obligatory encryption for qvm-backup to make backups much smaller and more flexible

2023-07-13 Thread Andrew David Wong
On 7/12/23 8:47 AM, Metatron wrote: > [...] > > An additional use case is that I occasionally build a qube for friends and > then send to them, again the mandatory encryption is an annoyance. I > could also imagine that at some point qubes users may even want to > "publish" a qube publicly. > >

[qubes-devel] Qubes OS 4.2.0-rc1 is available for testing

2023-06-03 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce that the first [release candidate](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). This [minor release](#what-is-a-minor-release) includes several new features and

[qubes-devel] XSAs released on 2023-05-16

2023-05-16 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] Fedora 36 reaches EOL on 2023-05-16

2023-05-11 Thread Andrew David Wong
Dear Qubes Community, The Fedora Project has [announced](https://lists.fedoraproject.org/archives/list/annou...@lists.fedoraproject.org/thread/4GXBZJSGQ2PEKIBM2APCTLXBS6IDKSOP/) that Fedora 36 will reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2023-05-16. We

[qubes-devel] QSB-089: Qrexec: Memory corruption in service request handling

2023-05-11 Thread Andrew David Wong
09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David

[qubes-devel] XSAs released on 2023-04-25

2023-04-25 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] QSB-088: Two Xen issues affecting PV (stub-)domains (XSA-428, XSA-429)

2023-03-21 Thread Andrew David Wong
bes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website &

[qubes-devel] Marek Marczykowski-Górecki to be interviewed at Dasharo virtual event

2023-03-15 Thread Andrew David Wong
Dear Qubes Community, Our project lead, [Marek Marczykowski-Górecki](https://www.qubes-os.org/team/#marek-marczykowski-górecki) will be interviewed tomorrow during the [Dasharo Developers vPub](https://vpub.dasharo.com/e/1/dasharo-user-group-1). This is a virtual event hosted by the

[qubes-devel] The Dasharo FidelisGuard Z690 is the first Qubes-certified desktop computer!

2023-03-15 Thread Andrew David Wong
Dear Qubes Community, It is our pleasure to announce that the [Dasharo FidelisGuard Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/) has become the fourth [Qubes-certified computer](https://www.qubes-os.org/doc/certified-hardware/) for Qubes 4.X

[qubes-devel] Qubes OS 4.1.2 has been released!

2023-03-14 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce the stable release of Qubes 4.1.2! This release aims to consolidate all the security patches, bug fixes, and upstream template OS upgrades that have occurred since the initial Qubes 4.1.0 release. Our goal is to provide a secure and convenient

[qubes-devel] Re: [CORRECTED] Qubes Canary 034

2023-03-03 Thread Andrew David Wong
Dear Qubes Community, *Editor's note*: An earlier version of this announcement mistakenly contained the text of an older canary. This has been corrected below. As always, we encourage readers to verify the cryptographic signatures on canaries, which can always be found in the [Qubes security

[qubes-devel] XSAs released on 2023-02-14

2023-02-15 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] Qubes OS 4.1.2-rc1 has been released!

2023-02-09 Thread Andrew David Wong
Dear Qubes Community, We're pleased to announce the first [release candidate](#what-is-a-release-candidate) for Qubes 4.1.2! This [patch release](#what-is-a-patch-release) aims to consolidate all the security patches, bug fixes, and upstream template OS upgrades that have occurred since prior

[qubes-devel] Guest post: "TrenchBoot Anti Evil Maid for Qubes OS" by Michal Zygowski of 3mdeb

2023-01-31 Thread Andrew David Wong
Dear Qubes Community, The following is a guest post by Michal Zygowski from [3mdeb](https://3mdeb.com/) on the work they've been doing to upgrade [Anti Evil Maid (AEM)](https://www.qubes-os.org/doc/anti-evil-maid/). The original post can be found on the [3mdeb

[qubes-devel] XSAs released on 2023-01-25

2023-01-27 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

Re: [qubes-devel] Qubes is compatible with Gnome (A report & request)

2022-12-23 Thread Andrew David Wong
On 12/22/22 5:11 PM, Howard Chen (HowardPlayzOfAdmin Gaming) wrote: > To the Devs: > > As you may see, Qubes is compatible with Gnome desktop; however, it does > not have Qubes settings icons in it, maybe because it only works with > XFCE and KDE. As in the image, everything is working fine,

[qubes-devel] Support the Qubes OS Project via Proton's charity fundraiser!

2022-12-16 Thread Andrew David Wong
Dear Qubes Community, The Qubes OS Project is grateful to have been selected as one of the beneficiaries of this year's Proton charity fundraiser alongside so many other wonderful organizations. The continued support of the privacy community means the world to us! For details about the

[qubes-devel] Fedora 35 reaches EOL on 2022-12-13

2022-12-08 Thread Andrew David Wong
Dear Qubes Community, The Fedora Project has [announced](https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/thread/OGTVKLX7OXBYCEUQ66UY4YK3T6QHAYW5/) that Fedora 35 will reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2022-12-13. We

[qubes-devel] XSAs released on 2022-12-06

2022-12-06 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-devel] Qubes Canary 033

2022-12-04 Thread Andrew David Wong
Dear Qubes Community, We have published Qubes Canary 033. The text of this canary is reproduced below. This canary and its accompanying signatures will always be available in the Qubes security pack (qubes-secpack). View Qubes Canary 033 in the qubes-secpack:

Re: [qubes-devel] qubes-doc & rtd

2022-11-28 Thread Andrew David Wong
On 11/28/22 8:05 AM, Marek Marczykowski-Górecki wrote: > On Tue, Nov 01, 2022 at 12:45:33PM +0100, mm wrote: >> Hi Marek, hi Andrew, hi Tobias, > >> Marek, I merged your pull request, also merged your changes into master and >> added some enhancements and created a pull request. > >> Here you

[qubes-devel] QSB-087: Qrexec: Injection of unsanitized data into log output

2022-11-23 Thread Andrew David Wong
Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 087: Qrexec: Injection of unsanitized data into log output](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-087-2022.txt). The text of this QSB is reproduced below. This QSB and its accompanying

[qubes-devel] XSAs released on 2022-11-08

2022-11-08 Thread Andrew David Wong
Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-devel] QSB-086: Speculative security issues on AMD CPUs (XSA-422)

2022-11-08 Thread Andrew David Wong
Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 086: Speculative security issues on AMD CPUs (XSA-422)](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-086-2022.txt). The text of this QSB is reproduced below. This QSB and its accompanying signatures

[qubes-devel] XSAs released on 2022-11-01

2022-11-01 Thread Andrew David Wong
Dear Qubes Community, The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of Qubes OS: - XSA-414

[qubes-devel] QSB-085: Xenstore: Guests can crash xenstored (XSA-414)

2022-11-01 Thread Andrew David Wong
Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 085: Xenstore: Guests can crash xenstored (XSA-414)](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-085-2022.txt). The text of this QSB is reproduced below. This QSB and its accompanying signatures will

[qubes-devel] New user guide: How to organize your qubes

2022-10-28 Thread Andrew David Wong
Dear Qubes Community, We have just published a new article: "New user guide: How to organize your qubes" https://www.qubes-os.org/news/2022/10/28/how-to-organize-your-qubes/ As a courtesy to plain-text email users, the plain-text source is reproduced below.
