XSAs released on 2022-11-01

Skip to first unread message

Andrew David Wong

Nov 1, 2022, 5:12:00 PM11/1/22
to qubes-devel, qubes-users
Dear Qubes Community,

The Xen Project has released one or more Xen Security Advisories (XSAs).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- XSA-414

Please see [QSB-085](https://www.qubes-os.org/news/2022/11/01/qsb-085/) for further details.

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action is necessary:

- XSA-326 (denial-of-service only)
- XSA-412 (affects only version 4.16)
- XSA-415 (denial-of-service only)
- XSA-416 (denial-of-service only)
- XSA-417 (domid is never reused)
- XSA-418 (denial-of-service only)
- XSA-419 (denial-of-service only)
- XSA-420 (oxenstored is not used in Qubes OS)
- XSA-421 (denial-of-service only)

## Related links

- [Xen XSA list](https://xenbits.xen.org/xsa/)
- [Qubes XSA tracker](https://www.qubes-os.org/security/xsa/)
- [Qubes security pack (qubes-secpack)](https://www.qubes-os.org/security/pack/)
- [Qubes security bulletins (QSBs)](https://www.qubes-os.org/security/qsb/)

This announcement is also available on the Qubes website:
Reply all
Reply to author
0 new messages