The Xen Project has released one or more Xen security advisories (XSAs). The security of Qubes OS is affected. XSAs that DO affect the security of Qubes OS The following XSAs do affect the security of Qubes OS: XSA-455 See QSB-102 XSA-456 (At the time of publication, this page was missing from the...

We have published Qubes Security Bulletin (QSB) 102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/SRSO (XSA-455, XSA-456). The text of this QSB and its accompanying cryptographic signatures are reproduced below, followed by a general explanation of this announcement and authentication instructions. Qubes Security Bulletin 102...

We’re pleased to announce the stable release of Qubes OS 4.2.1! This patch release aims to consolidate all the security patches, bug fixes, and other updates that have occurred since the release of Qubes 4.2.0. Our goal is to provide a secure and convenient way for users to install (or reinstall) the latest stable Qubes release with an up-to-date ISO....

Qubes OS 4.1 is scheduled to reach end-of-life (EOL) on 2024-06-18, approximately three months from the date of this announcement. Recommended actions If you’re already using Qubes 4.2, then you don’t have to do anything. This announcement doesn’t affect you. If you’re still using Qubes 4.1, then now is the perfect opportunity to upgrade,...

Update (2024-03-25): Marek Marczykowski-Górecki’s PGP signature is now available. We have updated Qubes Security Bulletin (QSB) 101: Register File Data Sampling (XSA-452) and Intel Processor Return Predictions Advisory (INTEL-SA-00982). The text of this updated QSB (including a changelog) and its accompanying cryptographic signatures are reproduced...