XSA-289 does not affect the security of Qubes OS
8 views
Skip to first unread message
Andrew David Wong
Jan 21, 2019, 7:15:07 AM1/21/19
to qubes...@googlegroups.com, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Dear Qubes Community,
The Xen Project has published Xen Security Advisory 289 (XSA-289).
This XSA does *not* affect the security of Qubes OS, and no user
action is necessary.
XSA-289 is unusual in that it does not disclose any new
vulnerabilities. Rather, it is only for the purpose of providing
information about previously-disclosed vulnerabilities. These
vulnerabilities were all patched in Qubes OS as part of QSB #43 [1],
which we published on 2018-09-02. Therefore, XSA-289 does not affect
the security of updated Qubes OS installations. This XSA has been
added to the XSA Tracker. [2]
[1] https://www.qubes-os.org/news/2018/09/02/qsb-43/
[2] https://www.qubes-os.org/security/xsa/#289
This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2019/01/21/xsa-289-qubes-not-affected/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlxFt70ACgkQ203TvDlQ
MDB0pg/+JxTOfMaR0aLeLefJYoPbLAAZA/T/lUp3uIkpnTdNEBxJo3ArXi5IiS/Z
FbIhlrh7W9zodj85j6xYBEK2YpenZFYpbUCXgEjCa7wanbT4daKBlYXdZ6DQ3jC+
vyZIGYx/qWPKjJmIvgLDpw5i3mi6XctGSvTGbyU5jaQ7gnqmV3lMkP9hc2bbFc1h
mbaUWsLa+ga4aq5HUAXjlc4a1r3Z+TXQirUANNwzSpR006RuuV0tZURiH5/FbfeP
B7y0JBkqhn1G2q0teAznsuqOGfC0oN7ktCWgEDNT7vYQEFztALa13aDupwx3DdcB
nIdfaFVNGPYbYyGw3+N1TirAB1WDosK0hLGiiT0RgYpiKOOe1js/vpH/k6pJAk5D
xbwTQq5W0x/sURNiAniKVXex/9RtliZVvfMAWr04TXM217eao68HNSN0VIhxAUVt
A0Je/cXa+ech0BhLrvH/02TopqxGa2bKcgSQr9IG6pomBTDxyfT+gbqz7InXiQ4L
H/dHF9uZLQsfpubL5GOv7vJDvsrfkht24VldWcH114zXDPPkNZAs8FO+ileMB4i5
hMps80Kv3KrNGfWEGcKdg856dqAlaahygSTSdAt9Exw/5JNyRVwyoHOJkZYH2hR+
sxxxPDGJOQEIbJU5cs0hZ8WyEFq5iqoRdnLW8ryHFZ3NEUHwrx8=
=CuoE
-----END PGP SIGNATURE-----
Hash: SHA512
Dear Qubes Community,
The Xen Project has published Xen Security Advisory 289 (XSA-289).
This XSA does *not* affect the security of Qubes OS, and no user
action is necessary.
XSA-289 is unusual in that it does not disclose any new
vulnerabilities. Rather, it is only for the purpose of providing
information about previously-disclosed vulnerabilities. These
vulnerabilities were all patched in Qubes OS as part of QSB #43 [1],
which we published on 2018-09-02. Therefore, XSA-289 does not affect
the security of updated Qubes OS installations. This XSA has been
added to the XSA Tracker. [2]
[1] https://www.qubes-os.org/news/2018/09/02/qsb-43/
[2] https://www.qubes-os.org/security/xsa/#289
This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2019/01/21/xsa-289-qubes-not-affected/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlxFt70ACgkQ203TvDlQ
MDB0pg/+JxTOfMaR0aLeLefJYoPbLAAZA/T/lUp3uIkpnTdNEBxJo3ArXi5IiS/Z
FbIhlrh7W9zodj85j6xYBEK2YpenZFYpbUCXgEjCa7wanbT4daKBlYXdZ6DQ3jC+
vyZIGYx/qWPKjJmIvgLDpw5i3mi6XctGSvTGbyU5jaQ7gnqmV3lMkP9hc2bbFc1h
mbaUWsLa+ga4aq5HUAXjlc4a1r3Z+TXQirUANNwzSpR006RuuV0tZURiH5/FbfeP
B7y0JBkqhn1G2q0teAznsuqOGfC0oN7ktCWgEDNT7vYQEFztALa13aDupwx3DdcB
nIdfaFVNGPYbYyGw3+N1TirAB1WDosK0hLGiiT0RgYpiKOOe1js/vpH/k6pJAk5D
xbwTQq5W0x/sURNiAniKVXex/9RtliZVvfMAWr04TXM217eao68HNSN0VIhxAUVt
A0Je/cXa+ech0BhLrvH/02TopqxGa2bKcgSQr9IG6pomBTDxyfT+gbqz7InXiQ4L
H/dHF9uZLQsfpubL5GOv7vJDvsrfkht24VldWcH114zXDPPkNZAs8FO+ileMB4i5
hMps80Kv3KrNGfWEGcKdg856dqAlaahygSTSdAt9Exw/5JNyRVwyoHOJkZYH2hR+
sxxxPDGJOQEIbJU5cs0hZ8WyEFq5iqoRdnLW8ryHFZ3NEUHwrx8=
=CuoE
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages