Dear Qubes Community,
The Xen Project has released one or more Xen Security Advisories (XSAs).
The security of Qubes OS *is affected* by one or more of these XSAs.
Therefore, *user action is required*.
XSAs that affect the security of Qubes OS (user action required)
----------------------------------------------------------------
The following XSAs *do affect* the security of Qubes OS:
- XSA-378
- XSA-379
- XSA-382
Please see *QSB-070* for the actions users must take in order to protect
themselves, as well as further details about these XSAs:
<
https://www.qubes-os.org/news/2021/08/25/qsb-070/>
XSAs that do not affect the security of Qubes OS (no user action required)
--------------------------------------------------------------------------
The following XSAs *do not affect* the security of Qubes OS, and no user
action is necessary:
- XSA-380 (denial of service only)
- XSA-383 (affects only Arm systems)
Related links
-------------
- Xen Project XSA list: <
https://xenbits.xen.org/xsa/>
- Qubes XSA tracker: <
https://www.qubes-os.org/security/xsa/>
- Qubes security pack (qubes-secpack):
<
https://www.qubes-os.org/security/pack/>
- Qubes security bulletins (QSBs):
<
https://www.qubes-os.org/security/qsb/>
This announcement is also available on the Qubes website:
<
https://www.qubes-os.org/news/2021/08/25/xsas-released-on-2021-08-25/>
--
Andrew David Wong
Community Manager
The Qubes OS Project
https://www.qubes-os.org