XSAs released on 2021-11-23
The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS is affected. Therefore, user action is required.
XSAs that affect the security of Qubes OS (user action required)
The following XSAs do affect the security of Qubes OS:
- XSA-388
- XSA-389
Please see QSB-074 for the actions users must take in order to protect themselves, as well as further details about these XSAs:
https://www.qubes-os.org/news/2021/11/24/qsb-074/
XSAs that do not affect the security of Qubes OS (no user action required)
The following XSAs do not affect the security of Qubes OS, and no user action is necessary:
- XSA-385 (DoS only; Qubes has BIGMEM disabled)
- XSA-387 (Qubes has grant tables v2 disabled)
Related links
- Xen XSA list: https://xenbits.xen.org/xsa/
- Qubes XSA tracker: https://www.qubes-os.org/security/xsa/
- Qubes security pack (qubes-secpack): https://www.qubes-os.org/security/pack/
- Qubes security bulletins (QSBs): https://www.qubes-os.org/security/qsb/