├── .gitignore ├── .gitlab-ci.yml ├── 2016-12-13-canary-10.md ├── 2016-04-06-article-about-qubes-os-in-linuxinsider.md ├── 2014-11-20-article-about-qubes-os-in-wired.md ├── 2016-04-11-article-about-qubes-os-in-distrowatch.md ├── 2015-10-08-article-about-qubes-os-in-fossbytes.md ├── 2016-03-12-logan-cij-2016-future-of-os.md ├── 2016-11-22-qsb-27.md ├── 2015-12-08-joanna-rutkowska-next-generation-threats-2015.md ├── 2016-11-09-article-on-qubes-os-3-2-in-lwn-net-by-nate-drake.md ├── 2010-09-28-itl-to-hire-qubes-os-developers.md ├── 2015-10-06-article-about-qubes-os-in-the-hacker-news.md ├── 2010-10-06-qubes-alpha-3-is-out.md ├── 2011-09-19-Qubes-beta-2-has-been-released.md ├── 2014-03-28-article-about-qubes-os-in-the-economist.md ├── 2016-05-27-article-about-qubes-os-in-linux-journal.md ├── .travis.yml ├── 2010-04-07-initial-public-release.md ├── 2024-06-15-demi-marie-obenour-reasonably-secure-gpu-acceleration.md ├── 2015-10-01-qubes-OS-3-0-has-been-released.md ├── 2012-09-03-qubes-1-has-been-released.md ├── 2013-03-21-introducing-qubes-odyssey-framework.md ├── 2015-12-27-joanna-rutkowska-towards-reasonably-trustworthy-x86-laptops.md ├── 2024-06-15-marek-marczykowski-gorecki-linux-stubdomains-status-update.md ├── 2010-04-16-joanna-rutkowska-speaks-about-qubes-at-campus-party-eu.md ├── 2012-02-06-qubes-1-beta-3-has-been-released.md ├── 2015-07-31-qubes-os-3-0-rc2-has-been-released.md ├── 2015-09-16-qubes-OS-3-0-rc3-has-been-released.md ├── 2010-07-01-qubes-alpha-2-has-been-released.md ├── 2012-03-03-windows-support-coming-to-qubes.md ├── 2014-09-26-qubes-os-r2-has-been-released.md ├── 2011-04-11-qubes-beta-1-has-been-released.md ├── 2015-04-23-qubes-os-3-0-rc1-has-been-released.md ├── 2013-02-28-qubes-2-beta-2-has-been-released.md ├── 2014-04-12-article-about-qubes-os.md ├── 2015-12-14-article-about-qubes-os-in-arstechnica.md ├── 2024-06-10-marta-marczykowska-goreckas-prototype-fund-project-streamlining-qubes-os-device-management.md ├── 2024-06-15-marek-marczykowski-gorecki-host-and-guest-suspend-under-xen-s3-and-s0ix.md ├── 2011-09-28-playing-with-qubes-networking-for-fun-and-profit.md ├── 2014-02-21-qubes-os-r2-rc1-has-been-released.md ├── 2014-08-06-qubes-os-r2-rc2-has-been-released.md ├── 2011-03-13-partitioning-ones-digital-life-into-security-domains.md ├── 2013-06-21-qubes-os-r3-alpha-preview-odyssey-hal-in-action.md ├── 2013-12-11-qubes-os-r2-beta-3-has-been-released.md ├── 2015-08-10-qubes-os-3-0-rc2-liveusb-alpha-has-been-released.md ├── 2024-04-04-when-security-matters-working-with-qubes-os-at-the-guardian.md ├── 2012-12-14-qubes-2-beta-1-has-been-released.md ├── 2012-09-12-how-is-qubes-os-different-from-other-approaches-to-desktop-security.md ├── 2013-11-26-windows-7-seamless-gui-integration-coming-to-qubes-os.md ├── 2012-11-16-qubes-security-team-has-joined-the-xen-security-pre-disclousre-list.md ├── 2016-08-10-marek-marczykowski-gorecki-improving-client-systems-security.md ├── 2014-02-16-qubes-selected-as-a-finalist-of-access-innovation-prize.md ├── 2014-07-03-itl-presents-on-qubes-os-at-linuxcon-europe.md ├── 2014-07-16-the-qubes-website-now-uses-a-ca-signed-ssl-cert.md ├── 2014-08-19-linuxcon-eu-2014-slides.md ├── 2015-10-05-article-about-qubes-os-in-motherboard.md ├── 2022-07-29-qubes-os-summit-2022.md ├── 2017-03-28-xsa-206.md ├── 2017-08-23-xsa-235.md ├── 2017-09-28-xsa-245.md ├── 2018-01-04-xsa-253-qubes-not-affected.md ├── 2025-11-16-qubes-at-fosdem-2026.md ├── 2019-06-13-xsa-295-qubes-not-affected.md ├── 2019-07-09-xsa-300-qubes-not-affected.md ├── 2019-11-13-xsa-304-qubes-not-affected.md ├── 2020-01-15-xsa-312-qubes-not-affected.md ├── 2020-03-12-xsa-315-qubes-not-affected.md ├── 2020-07-16-xsa-329-qubes-not-affected.md ├── 2020-08-24-xsa-335-qubes-not-affected.md ├── 2017-02-27-google-summer-of-code-2017.md ├── 2018-07-25-xsa-274-qubes-not-affected.md ├── 2024-08-05-qubes-os-summit-2024-last-call-for-proposals.md ├── 2018-10-24-xsa-278-qubes-not-affected.md ├── 2018-11-06-xsa-282-qubes-not-affected.md ├── 2024-03-13-qubes-os-summit-2024.md ├── 2023-08-25-qubes-os-summit-2023.md ├── 2022-03-23-qubes-os-configuration-survey.md ├── 2016-12-17-interview-the-new-screen-savers.md ├── 2021-05-01-new-app-menu-survey.md ├── 2018-04-25-xsa-258-259-qubes-not-affected.md ├── 2016-07-04-marek-marczykowski-gorecki-presents-at-rmll-2016.md ├── 2019-12-11-xsa-307-308-309-qubes-not-affected.md ├── 2016-10-28-qubes-announce.md ├── 2016-10-11-marek-marczykowski-gorecki-security-pwning-conference-2016.md ├── 2018-02-27-xsa-252-255-256-qubes-not-affected.md ├── 2018-06-27-xsa-264-265-266-qubes-not-affected.md ├── 2017-12-12-xsa-245-251-qubes-not-affected.md ├── 2024-09-19-reminder-qubes-os-summit-2024-starts-tomorrow.md ├── 2018-12-27-introduction-to-qubes-at-35c3.md ├── 2024-08-11-qubes-os-summit-2024-tickets-now-available.md ├── 2023-09-19-tickets-for-qubes-os-summit-2023-now-available.md ├── 2018-11-20-xsa-276-277-279-qubes-not-affected.md ├── 2019-10-31-xsa-296-298-301-303-qubes-not-affected.md ├── 2020-04-15-xsa-313-314-316-318-qubes-not-affected.md ├── 2020-07-07-xsa-317-319-327-328-qubes-not-affected.md ├── 2020-09-20-get-paid-to-support-qubes-development-through-automated-testing.md ├── 2017-09-13-joanna-rutkowska-secure-computing-decentralized-world.md ├── 2019-04-30-qubes-os-accepted-into-season-of-docs.md ├── 2016-09-02-qubes-os-3-0-eol-on-2016-09-09.md ├── 2017-02-01-qubes-project.md ├── 2017-03-01-qubes-os-3-1-eol-on-2017-03-29.md ├── 2022-12-16-proton-charity-fundraiser.md ├── 2018-06-17-marek-marczykowski-gorecki-xen-summit-2018.md ├── 2018-08-03-micah-lee-hope-conf-2018.md ├── 2018-08-14-xsa-268-269-271-272-qubes-not-affected.md ├── 2021-04-10-get-paid-to-support-qubes-development-through-automated-testing.md ├── 2016-02-24-qubes-OS-3-1-rc3-has-been-released.md ├── 2016-11-19-qubes-at-33C3.md ├── 2019-03-05-xsa-284-290-291-293-294-qubes-not-affected.md ├── 2018-05-24-partnering-with-the-freedom-of-the-press-foundation.md ├── 2019-01-21-xsa-289-qubes-not-affected.md ├── 2021-01-22-xsas-released-on-2021-01-21.md ├── 2016-08-31-qubes-OS-3-2-rc3-has-been-released.md ├── 2020-09-22-xsa-333-334-336-338-339-342-344-qubes-not-affected.md ├── 2022-07-26-xsas-released-on-2022-07-26.md ├── 2021-03-18-xsas-released-on-2021-03-18.md ├── 2021-03-30-xsas-released-on-2021-03-30.md ├── 2019-03-28-qubes-3-2-has-reached-eol.md ├── 2021-03-04-xsas-released-on-2021-03-04.md ├── 2020-05-22-moss-mission-partners-award.md ├── 2019-08-07-announcing-our-2019-season-of-docs-project.md ├── 2020-10-20-xsa-286-331-332-345-qubes-not-affected.md ├── 2021-09-08-xsas-released-on-2021-09-08.md ├── 2022-10-11-xsas-released-on-2022-10-11.md ├── 2021-11-19-xsas-released-on-2021-11-19.md ├── 2021-02-19-xsas-released-on-2021-02-18.md ├── 2019-06-27-marek-marczykowski-gorecki-xen-summit-2019.md ├── 2025-07-17-qubes-os-summit-2025-tickets-now-available.md ├── 2021-12-20-xsas-released-on-2021-12-20.md ├── 2018-01-23-qubes-whonix-next-gen-tor-onion-services.md ├── 2020-10-09-calling-all-humans.md ├── 2024-03-03-novacustom-nv41-series-with-heads-certified.md ├── 2019-07-01-whonix-15-has-been-released.md ├── 2019-02-20-qubes-3-2-approaching-eol.md ├── 2021-10-07-xsas-released-on-2021-10-05.md ├── 2016-07-28-qubes-OS-3-2-rc2-has-been-released.md ├── 2018-01-04-xsa-254-meltdown-spectre.md ├── 2021-05-04-xsas-released-on-2021-05-04.md ├── 2021-02-17-xsas-released-on-2021-02-16.md ├── 2022-03-10-xsas-released-on-2022-03-08.md ├── 2022-03-10-xsas-released-on-2022-03-10.md ├── 2022-06-17-xsas-released-on-2022-06-14.md ├── 2022-07-13-xsas-released-on-2022-07-12.md ├── 2021-06-08-xsas-released-on-2021-06-08.md ├── 2022-06-09-xsas-released-on-2022-06-09.md ├── 2022-07-05-xsas-released-on-2022-07-05.md ├── 2022-04-05-xsas-released-on-2022-04-05.md ├── 2025-07-08-qubes-os-summit-2025-call-for-sponsors.md ├── 2021-11-14-whonix-15-eol.md ├── 2022-01-25-xsas-released-on-2022-01-25.md ├── 2023-12-22-whonix-16-approaching-eol.md ├── 2017-06-05-qubes-donation-update.md ├── 2024-09-22-qubes-os-summit-2024-has-concluded-videos-now-available.md ├── 2025-05-20-qubes-certified-novacustom-v54-v56-now-available-with-heads.md ├── 2021-09-30-whonix-16-template-available.md ├── 2019-03-24-tor-onion-services-no-longer-maintained.md ├── 2021-11-24-xsas-released-on-2021-11-23.md ├── 2023-03-03-fedora-37-templates-available.md ├── 2017-03-21-xsa-tracker.md ├── 2019-05-30-fedora-30-template-available.md ├── 2024-12-07-fedora-41-templates-available.md ├── 2021-08-25-xsas-released-on-2021-08-25.md ├── 2025-09-30-qubes-os-summit-2025-videos-and-slides.md ├── 2024-02-05-whonix-17-templates-available-for-qubes-os-4-1.md ├── 2024-08-01-extended-security-support-for-qubes-os-4-1-has-ended.md ├── 2022-08-04-qubes-4-0-has-reached-eol.md ├── 2019-09-18-qubes-presentations-at-platform-security-summit-2019.md ├── 2020-06-30-fedora-32-templates-available.md ├── 2019-01-07-fedora-29-template-available.md ├── 2020-12-16-xsas-released-on-2020-12-15.md ├── 2020-11-24-fedora-31-eol.md ├── 2024-06-12-fedora-40-templates-available.md ├── 2019-05-29-fedora-28-eol.md ├── 2019-11-29-fedora-29-eol.md ├── 2023-05-26-fedora-38-templates-available.md ├── 2021-12-07-debian-11-templates-available.md ├── 2021-06-11-qubes-os-project-now-accepting-donations-in-monero.md ├── 2018-11-30-fedora-27-eol.md ├── 2022-12-08-fedora-35-reaches-eol-on-2022-12-13.md ├── 2025-09-11-qubes-documentation-has-successfully-migrated-to-read-the-docs.md ├── 2019-07-09-qubes-4-0-2-rc1.md ├── 2023-05-11-fedora-36-reaches-eol-on-2023-05-16.md ├── 2021-05-25-fedora-32-eol.md ├── 2024-09-13-fedora-39-approaching-end-of-life.md ├── 2020-05-23-google-summer-of-code-and-season-of-docs-2020.md ├── 2021-03-04-qubes-4-0-4.md ├── 2016-11-15-fedora-24-template-available.md ├── 2021-04-29-fedora-32-approaching-eol.md ├── 2025-03-16-fedora-40-approaching-end-of-life.md ├── 2023-08-27-debian-12-templates-available.md ├── 2020-04-30-fedora-31-template-available.md ├── 2022-06-07-fedora-34-eol.md ├── 2024-09-24-xsas-released-on-2024-09-24.md ├── 2025-02-27-xsas-released-on-2025-02-27.md ├── 2025-07-01-xsas-released-on-2025-07-01.md ├── 2023-12-12-xsas-released-on-2023-12-12.md ├── 2024-02-05-xsas-released-on-2024-01-22.md ├── 2024-02-27-xsas-released-on-2024-02-27.md ├── 2024-05-08-xsas-released-on-2024-05-07.md ├── 2025-05-15-xsas-released-on-2025-05-12.md ├── 2025-05-27-xsas-released-on-2025-05-27.md ├── 2025-07-11-xsas-released-on-2025-07-08.md ├── 2022-05-26-fedora-34-approaching-eol-fedora-35-templates-available.md ├── 2025-10-24-xsas-released-on-2025-10-24.md └── 2023-02-15-xsas-released-on-2023-02-14.md /.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - project: 'QubesOS/qubes-continuous-integration' 3 | file: '/gitlab-website.yml' 4 | 5 | build:posts: 6 | extends: .website 7 | -------------------------------------------------------------------------------- /2016-12-13-canary-10.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Canary #10" 4 | date: 2016-12-13 5 | categories: security 6 | redirect_to: 7 | - https://github.com/QubesOS/qubes-secpack/blob/master/canaries/canary-010-2016.txt 8 | --- 9 | -------------------------------------------------------------------------------- /2016-04-06-article-about-qubes-os-in-linuxinsider.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *LinuxInsider*" 4 | date: 2016-04-06 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - http://www.linuxinsider.com/story/83323.html 9 | --- 10 | -------------------------------------------------------------------------------- /2014-11-20-article-about-qubes-os-in-wired.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *Wired*" 4 | date: 2014-11-20 5 | categories: 6 | - press 7 | author: Qubes OS 8 | redirect_to: 9 | - https://www.wired.com/2014/11/protection-from-hackers/ 10 | --- 11 | -------------------------------------------------------------------------------- /2016-04-11-article-about-qubes-os-in-distrowatch.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *DistroWatch*" 4 | date: 2016-04-11 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - https://distrowatch.com/weekly.php?issue=20160411#qubes 9 | --- 10 | -------------------------------------------------------------------------------- /2015-10-08-article-about-qubes-os-in-fossbytes.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *fossBytes*" 4 | date: 2015-10-08 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - https://fossbytes.com/qubes-os-most-secure-operating-system-xen/ 9 | --- 10 | -------------------------------------------------------------------------------- /2016-03-12-logan-cij-2016-future-of-os.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Logan CIJ 2016: Future of OS (Qubes, Subgraph, and Tails)" 4 | date: 2016-03-12 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - https://www.youtube.com/watch?v=Nol8kKoB-co 9 | --- 10 | -------------------------------------------------------------------------------- /2016-11-22-qsb-27.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Security Bulletin #27: Xen 64-bit bit test instruction emulation broken (XSA 195)" 4 | date: 2016-11-22 5 | categories: security 6 | redirect_to: 7 | - https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-027-2016.txt 8 | --- 9 | -------------------------------------------------------------------------------- /2015-12-08-joanna-rutkowska-next-generation-threats-2015.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Joanna Rutkowska, Next Generation Threats 2015" 4 | date: 2015-12-08 5 | categories: talks 6 | author: Qubes OS 7 | redirect_to: 8 | - https://www.youtube.com/watch?v=E6zOqznGn5o 9 | --- 10 | -------------------------------------------------------------------------------- /2016-11-09-article-on-qubes-os-3-2-in-lwn-net-by-nate-drake.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS 3.2 on LWN.net by Nate Drake" 4 | date: 2016-11-09 5 | categories: press 6 | author: Andrew David Wong 7 | redirect_to: 8 | - https://lwn.net/Articles/705827/ 9 | --- 10 | -------------------------------------------------------------------------------- /2010-09-28-itl-to-hire-qubes-os-developers.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "ITL to hire Qubes OS developers" 4 | date: 2010-09-28 5 | categories: 6 | - announcements 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2010/09/28/itl-is-hiring.html 10 | --- 11 | -------------------------------------------------------------------------------- /2015-10-06-article-about-qubes-os-in-the-hacker-news.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *The Hacker News*" 4 | date: 2015-10-06 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - https://thehackernews.com/2015/10/secure-operating-system.html 9 | --- 10 | -------------------------------------------------------------------------------- /2010-10-06-qubes-alpha-3-is-out.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Alpha 3 is out!" 4 | date: 2010-10-06 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2010/10/06/qubes-alpha-3.html 11 | --- 12 | -------------------------------------------------------------------------------- /2011-09-19-Qubes-beta-2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Beta 2 has been released" 4 | date: 2011-09-19 5 | categories: 6 | - releases 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2011/09/19/qubes-beta-2-released.html 10 | --- 11 | -------------------------------------------------------------------------------- /2014-03-28-article-about-qubes-os-in-the-economist.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *The Economist*" 4 | date: 2014-03-28 5 | categories: 6 | - press 7 | author: Qubes OS 8 | redirect_to: 9 | - https://www.economist.com/blogs/babbage/2014/03/computer-security 10 | --- 11 | -------------------------------------------------------------------------------- /2016-05-27-article-about-qubes-os-in-linux-journal.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *Linux Journal*" 4 | date: 2016-05-27 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - https://www.linuxjournal.com/content/secure-desktops-qubes-introduction 9 | --- 10 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: ruby 2 | dist: trusty 3 | rvm: 4 | - 2.5 5 | install: git clone https://github.com/${TRAVIS_REPO_SLUG%%/*}/qubesos.github.io ~/qubesos.github.io 6 | script: ~/qubesos.github.io/_utils/travis.sh 7 | addons: 8 | apt: 9 | packages: 10 | - hunspell 11 | - pandoc 12 | - jq 13 | -------------------------------------------------------------------------------- /2010-04-07-initial-public-release.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Initial public release" 4 | date: 2010-04-07 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2010/04/07/introducing-qubes-os.html 11 | --- 12 | -------------------------------------------------------------------------------- /2024-06-15-demi-marie-obenour-reasonably-secure-gpu-acceleration.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Demi Marie Obenour: Reasonably Secure GPU Acceleration (youtube.com)" 4 | categories: talks 5 | redirect_to: 6 | - https://www.youtube.com/watch?v=FrKEUVB-BYM&list=PLQMQQsKgvLntZiKoELFs22Mtk-tBNNOMJ 7 | --- 8 | -------------------------------------------------------------------------------- /2015-10-01-qubes-OS-3-0-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.0 has been released!" 4 | date: 2015-10-01 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2015/10/01/qubes-30.html 11 | --- 12 | -------------------------------------------------------------------------------- /2012-09-03-qubes-1-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes 1 has been released!" 4 | date: 2012-09-03 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2012/09/03/introducing-qubes-10.html 11 | --- 12 | -------------------------------------------------------------------------------- /2013-03-21-introducing-qubes-odyssey-framework.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Introducing Qubes Odyssey Framework" 4 | date: 2013-03-21 5 | categories: 6 | - articles 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2013/03/21/introducing-qubes-odyssey-framework.html 10 | --- 11 | -------------------------------------------------------------------------------- /2015-12-27-joanna-rutkowska-towards-reasonably-trustworthy-x86-laptops.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Joanna Rutkowska: Towards (reasonably) trustworthy x86 laptops" 4 | date: 2015-12-27 5 | categories: talks 6 | author: Qubes OS 7 | redirect_to: 8 | - https://www.youtube.com/watch?v=rcwngbUrZNg 9 | --- 10 | -------------------------------------------------------------------------------- /2024-06-15-marek-marczykowski-gorecki-linux-stubdomains-status-update.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Marek Marczykowski-Górecki: Linux Stubdomains Status Update (youtube.com)" 4 | categories: talks 5 | redirect_to: 6 | - https://www.youtube.com/watch?v=3Lg5iTmXl-I&list=PLQMQQsKgvLntZiKoELFs22Mtk-tBNNOMJ 7 | --- 8 | -------------------------------------------------------------------------------- /2010-04-16-joanna-rutkowska-speaks-about-qubes-at-campus-party-eu.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Joanna Rutkowska speaks about Qubes at Campus Party EU" 4 | date: 2010-04-16 5 | categories: 6 | - talks 7 | author: Qubes OS 8 | --- 9 | 10 | Joanna Rutkowska is speaking at [Campus Party](http://www.campus-party.eu) 11 | -------------------------------------------------------------------------------- /2012-02-06-qubes-1-beta-3-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes 1 Beta 3 has been released!" 4 | date: 2012-02-06 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2012/02/06/qubes-beta-3.html 11 | --- 12 | -------------------------------------------------------------------------------- /2015-07-31-qubes-os-3-0-rc2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.0 rc2 has been released!" 4 | date: 2015-07-31 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Qubes OS 9 | redirect_to: 10 | - https://groups.google.com/d/msg/qubes-users/jw9CdQepMPE/95HQDF6QBwAJ 11 | --- 12 | -------------------------------------------------------------------------------- /2015-09-16-qubes-OS-3-0-rc3-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.0 rc3 has been released!" 4 | date: 2015-09-16 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Qubes OS 9 | redirect_to: 10 | - https://groups.google.com/d/msg/qubes-users/v-eTHh3JLo0/AlaBthwhLQAJ 11 | --- 12 | -------------------------------------------------------------------------------- /2010-07-01-qubes-alpha-2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Alpha 2 has been released!" 4 | date: 2010-07-10 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2010/07/01/qubes-alpha-2-released.html 11 | --- 12 | -------------------------------------------------------------------------------- /2012-03-03-windows-support-coming-to-qubes.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Windows support coming to Qubes!" 4 | date: 2012-03-03 5 | categories: 6 | - announcements 7 | - windows 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2012/03/03/windows-support-coming-to-qubes.html 11 | --- 12 | -------------------------------------------------------------------------------- /2014-09-26-qubes-os-r2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS R2 has been released" 4 | date: 2014-09-26 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2014/09/26/announcing-qubes-os-release-2.html 11 | --- 12 | -------------------------------------------------------------------------------- /2011-04-11-qubes-beta-1-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Beta 1 has been released" 4 | date: 2011-04-11 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2011/04/12/qubes-beta-1-has-been-released.html 11 | --- 12 | -------------------------------------------------------------------------------- /2015-04-23-qubes-os-3-0-rc1-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.0 rc1 has been released!" 4 | date: 2015-04-23 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2015/04/23/qubes-30rc1-and-roadmap.html 11 | --- 12 | -------------------------------------------------------------------------------- /2013-02-28-qubes-2-beta-2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes 2 Beta 2 has been released!" 4 | date: 2013-02-28 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2013/02/28/qubes-2-beta-2-has-been-released.html 11 | --- 12 | -------------------------------------------------------------------------------- /2014-04-12-article-about-qubes-os.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS by the Freedom of the Press Foundation" 4 | date: 2014-04-12 5 | categories: 6 | - press 7 | author: Qubes OS 8 | redirect_to: 9 | - https://pressfreedomfoundation.org/blog/2014/04/operating-system-can-protect-you-even-if-you-get-hacked 10 | --- 11 | -------------------------------------------------------------------------------- /2015-12-14-article-about-qubes-os-in-arstechnica.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *Ars Technica*" 4 | date: 2015-12-14 5 | categories: press 6 | author: Qubes OS 7 | redirect_to: 8 | - https://arstechnica.co.uk/gadgets/2015/12/qubes-os-will-ship-pre-installed-on-purisms-security-focused-librem-13-laptop/ 9 | --- 10 | -------------------------------------------------------------------------------- /2024-06-10-marta-marczykowska-goreckas-prototype-fund-project-streamlining-qubes-os-device-management.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Marta Marczykowska-Górecka's Prototype Fund project: Streamlining Qubes OS device management (youtube.com)" 4 | categories: press 5 | redirect_to: 6 | - https://www.youtube.com/watch?v=TJ3Lg6A_LMo 7 | --- 8 | -------------------------------------------------------------------------------- /2024-06-15-marek-marczykowski-gorecki-host-and-guest-suspend-under-xen-s3-and-s0ix.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Marek Marczykowski-Górecki: Host and Guest Suspend Under Xen - S3 and S0ix (youtube.com)" 4 | categories: talks 5 | redirect_to: 6 | - https://www.youtube.com/watch?v=4UUEt4rll6U&list=PLQMQQsKgvLntZiKoELFs22Mtk-tBNNOMJ 7 | --- 8 | -------------------------------------------------------------------------------- /2011-09-28-playing-with-qubes-networking-for-fun-and-profit.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Playing with Qubes Networking for Fun and Profit" 4 | date: 2011-09-28 5 | categories: 6 | - articles 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2011/09/28/playing-with-qubes-networking-for-fun.html 10 | --- 11 | -------------------------------------------------------------------------------- /2014-02-21-qubes-os-r2-rc1-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS R2 rc1 has been released!" 4 | date: 2014-02-21 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2014/04/20/qubes-os-r2-rc1-has-been-released.html 11 | --- 12 | -------------------------------------------------------------------------------- /2014-08-06-qubes-os-r2-rc2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS R2 rc2 has been released!" 4 | date: 2014-08-06 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2014/08/06/qubes-os-r2-rc2-debian-template-ssled.html 11 | --- 12 | -------------------------------------------------------------------------------- /2011-03-13-partitioning-ones-digital-life-into-security-domains.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Partitioning ones digital life into security domains" 4 | date: 2011-03-13 5 | categories: 6 | - articles 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2011/03/13/partitioning-my-digital-life-into.html 10 | --- 11 | -------------------------------------------------------------------------------- /2013-06-21-qubes-os-r3-alpha-preview-odyssey-hal-in-action.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS R3 Alpha preview: Odyssey HAL in action!" 4 | date: 2013-06-21 5 | categories: 6 | - announcements 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2013/06/21/qubes-os-r3-alpha-preview-odyssey-hal.html 10 | --- 11 | -------------------------------------------------------------------------------- /2013-12-11-qubes-os-r2-beta-3-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS R2 Beta 3 has been released!" 4 | date: 2013-12-11 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2013/12/10/qubes-r2-beta-3-has-been-released.html 11 | --- 12 | -------------------------------------------------------------------------------- /2015-08-10-qubes-os-3-0-rc2-liveusb-alpha-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.0 rc2 LiveUSB (alpha) has been released!" 4 | date: 2015-08-10 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Qubes OS 9 | redirect_to: 10 | - https://groups.google.com/d/msg/qubes-users/IQdCEpkooto/iyMh3LuzCAAJ 11 | --- 12 | -------------------------------------------------------------------------------- /2024-04-04-when-security-matters-working-with-qubes-os-at-the-guardian.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "When security matters: working with Qubes OS at the Guardian (theguardian.com)" 4 | date: 2024-04-04 5 | categories: press 6 | redirect_to: 7 | - https://www.theguardian.com/info/2024/apr/04/when-security-matters-working-with-qubes-os-at-the-guardian 8 | --- 9 | -------------------------------------------------------------------------------- /2012-12-14-qubes-2-beta-1-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes 2 Beta 1 has been released!" 4 | date: 2012-12-14 5 | categories: 6 | - releases 7 | - windows 8 | download_url: /downloads/ 9 | author: Joanna Rutkowska 10 | redirect_to: 11 | - https://blog.invisiblethings.org/2012/12/14/qubes-2-beta-1-with-initial-windows.html 12 | --- 13 | -------------------------------------------------------------------------------- /2012-09-12-how-is-qubes-os-different-from-other-approaches-to-desktop-security.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "How is Qubes OS different from other approaches to desktop security?" 4 | date: 2012-09-12 5 | categories: 6 | - articles 7 | author: Joanna Rutkowska 8 | redirect_to: 9 | - https://blog.invisiblethings.org/2012/09/12/how-is-qubes-os-different-from.html 10 | --- 11 | -------------------------------------------------------------------------------- /2013-11-26-windows-7-seamless-gui-integration-coming-to-qubes-os.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Windows 7 seamless GUI integration coming to Qubes OS!" 4 | date: 2013-11-26 5 | categories: 6 | - announcements 7 | - windows 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://blog.invisiblethings.org/2013/11/26/windows-7-seamless-gui-integration.html 11 | --- 12 | -------------------------------------------------------------------------------- /2012-11-16-qubes-security-team-has-joined-the-xen-security-pre-disclousre-list.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Security Team has joined the Xen Security Pre-disclousre list" 4 | date: 2012-11-16 5 | categories: 6 | - announcements 7 | - security 8 | author: Joanna Rutkowska 9 | redirect_to: 10 | - https://lists.xen.org/archives/html/xen-devel/2012-11/msg00821.html 11 | --- 12 | -------------------------------------------------------------------------------- /2016-08-10-marek-marczykowski-gorecki-improving-client-systems-security.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Marek Marczykowski-Górecki: Improving client systems security with Qubes OS (RMLL 2016)" 4 | date: 2016-08-10 5 | categories: talks 6 | author: Andrew David Wong 7 | redirect_to: 8 | - https://rmll.ubicast.tv/videos/improving-client-systems-security-with-qubes-os/ 9 | --- 10 | -------------------------------------------------------------------------------- /2014-02-16-qubes-selected-as-a-finalist-of-access-innovation-prize.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS selected as a finalist of Access Innovation Prize 2014 for Endpoint Security Solution" 4 | date: 2014-02-16 5 | categories: 6 | - announcements 7 | author: Qubes OS 8 | redirect_to: 9 | - https://www.accessnow.org/blog/2014/02/13/endpoint-security-prize-finalists-announced 10 | --- 11 | -------------------------------------------------------------------------------- /2014-07-03-itl-presents-on-qubes-os-at-linuxcon-europe.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "ITL presents on Qubes OS at LinuxCon Europe" 4 | date: 2014-07-03 5 | categories: 6 | - talks 7 | author: Qubes OS 8 | --- 9 | 10 | ITL presents on Qubes OS at LinuxCon Europe: a keynote by Joanna Rutkowska and hands-on training by the core dev team! 11 | 12 | - [Conference Website](http://events.linuxfoundation.org/events/linuxcon-europe) 13 | -------------------------------------------------------------------------------- /2014-07-16-the-qubes-website-now-uses-a-ca-signed-ssl-cert.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "The Qubes website now uses a CA-signed SSL cert" 4 | date: 2014-07-16 5 | categories: 6 | - announcements 7 | author: Joanna Rutkowska 8 | --- 9 | 10 | The Qubes website now uses a CA-signed SSL cert (but *note that this is mostly irrelevant*) 11 | 12 | - [Read the announcment](https://groups.google.com/forum/#!topic/qubes-users/LsDpKnwN6w8) 13 | -------------------------------------------------------------------------------- /2014-08-19-linuxcon-eu-2014-slides.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "LinuxCon EU 2014 slides" 4 | date: 2014-08-19 5 | categories: 6 | - talks 7 | author: Qubes OS 8 | --- 9 | 10 | Here is our presentation from LinuxCon 2014 11 | 12 | - [Download Keynote](https://invisiblethingslab.com/resources/2014/LinuxCon_2014_Qubes_Keynote.pdf) 13 | - [Download Tutorial](https://invisiblethingslab.com/resources/2014/LinuxCon_2014_Qubes_Tutorial.pdf) 14 | -------------------------------------------------------------------------------- /2015-10-05-article-about-qubes-os-in-motherboard.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Article about Qubes OS in *Motherboard*" 4 | date: 2015-10-05 5 | categories: 6 | - press 7 | author: Qubes OS 8 | redirect_to: 9 | - https://motherboard.vice.com/read/finally-a-reasonably-secure-operating-system-qubes-r3 10 | --- 11 | 12 | [Article about Qubes OS in *Motherboard*](https://motherboard.vice.com/read/finally-a-reasonably-secure-operating-system-qubes-r3) 13 | -------------------------------------------------------------------------------- /2022-07-29-qubes-os-summit-2022.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2022: September 9-11 in Berlin" 4 | categories: 5 | - announcements 6 | - talks 7 | --- 8 | 9 | In conjunction with [3mdeb](https://3mdeb.com/), the fourth edition of our Qubes OS Summit will be held live this year from September 9 to 11 in Berlin, Germany! For more information about this event, including the CFP (which is open until August 29), please see: 10 | -------------------------------------------------------------------------------- /2017-03-28-xsa-206.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-206 does not affect the security of Qubes OS" 4 | date: 2017-03-28 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisory 206 (XSA-206). 10 | This XSA does **not** affect the security of Qubes OS, and no user action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker](/security/xsa/): 13 | 14 | [https://www.qubes-os.org/security/xsa/#206](/security/xsa/#206) 15 | 16 | -------------------------------------------------------------------------------- /2017-08-23-xsa-235.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-235 does not affect the security of Qubes OS" 4 | date: 2017-08-23 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisory 235 (XSA-235). 10 | This XSA does **not** affect the security of Qubes OS, and no user action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker](/security/xsa/): 13 | 14 | [https://www.qubes-os.org/security/xsa/#235](/security/xsa/#235) 15 | 16 | -------------------------------------------------------------------------------- /2017-09-28-xsa-245.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-245 does not affect the security of Qubes OS" 4 | date: 2017-09-28 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisory 245 (XSA-245). 10 | This XSA does **not** affect the security of Qubes OS, and no user action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker](/security/xsa/): 13 | 14 | [https://www.qubes-os.org/security/xsa/#245](/security/xsa/#245) 15 | 16 | -------------------------------------------------------------------------------- /2018-01-04-xsa-253-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-253 does not affect the security of Qubes OS" 4 | date: 2018-01-04 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisory 253 (XSA-253). 10 | This XSA does **not** affect the security of Qubes OS, and no user 11 | action is necessary. 12 | 13 | This XSA has been added to the [XSA Tracker](/security/xsa/): 14 | 15 | [https://www.qubes-os.org/security/xsa/#253](/security/xsa/#253) 16 | 17 | -------------------------------------------------------------------------------- /2025-11-16-qubes-at-fosdem-2026.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "The Qubes OS Project will be at FOSDEM 2026!" 4 | categories: announcements 5 | --- 6 | 7 | The Qubes OS Project [will have a stand](https://fosdem.org/2026/news/2025-11-16-accepted-stands/) at [FOSDEM 2026](https://fosdem.org/2026/), which will take place in Brussels, Belgium on January 31 and February 1, 2026. FOSDEM is a top annual meeting for free and open source software developers. Entry is free, and no registration is required. If you attend, stop by and say hello! 8 | -------------------------------------------------------------------------------- /2019-06-13-xsa-295-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-295 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 295 (XSA-295). 9 | This XSA does **not** affect the security of Qubes OS, and no user 10 | action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#295](/security/xsa/#295) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2019-07-09-xsa-300-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-300 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 300 (XSA-300). 9 | This XSA does **not** affect the security of Qubes OS, and no user 10 | action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#300](/security/xsa/#300) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2019-11-13-xsa-304-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-304 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 304 (XSA-304). 9 | This XSA does **not** affect the security of Qubes OS, and no user 10 | action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#304](/security/xsa/#304) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2020-01-15-xsa-312-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-312 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 312 (XSA-312). 9 | This XSA does **not** affect the security of Qubes OS, and no user 10 | action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#312](/security/xsa/#312) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2020-03-12-xsa-315-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-315 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 315 (XSA-315). 9 | This XSA does **not** affect the security of Qubes OS, and no user 10 | action is necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#315](/security/xsa/#315) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2020-07-16-xsa-329-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-329 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 329 (XSA-329). This 9 | XSA does **not** affect the security of Qubes OS, and no user action is 10 | necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#329](/security/xsa/#329) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2020-08-24-xsa-335-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-335 does not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisory 335 (XSA-335). This 9 | XSA does **not** affect the security of Qubes OS, and no user action is 10 | necessary. 11 | 12 | This XSA has been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#335](/security/xsa/#335) 15 | 16 | 17 | [XSA Tracker]: /security/xsa/ 18 | 19 | -------------------------------------------------------------------------------- /2017-02-27-google-summer-of-code-2017.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Google Summer of Code 2017" 4 | date: 2017-02-27 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | We're pleased to announce that the Qubes OS Project has been accepted as a mentor organization for Google Summer of Code (GSoC) 2017! 10 | Many interesting projects have already been proposed, and we're still looking for both students and mentors. 11 | If you're interested in participating, please see our [GSoC 2017 page](/gsoc/) for details! 12 | 13 | -------------------------------------------------------------------------------- /2018-07-25-xsa-274-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-274 does not affect the security of Qubes OS" 4 | date: 2018-07-25 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisory 274 (XSA-274). This 10 | XSA does **not** affect the security of Qubes OS, and no user action is 11 | necessary. 12 | 13 | This XSA has been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#274](/security/xsa/#274) 16 | 17 | 18 | [XSA Tracker]: /security/xsa/ 19 | 20 | -------------------------------------------------------------------------------- /2024-08-05-qubes-os-summit-2024-last-call-for-proposals.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2024: Last call for proposals" 4 | categories: 5 | - announcements 6 | - talks 7 | --- 8 | 9 | As [previously announced](/news/2024/03/13/qubes-os-summit-2024/), this year's [Qubes OS Summit](https://vpub.dasharo.com/e/16/qubes-os-summit-2024) will be held from September 20 to 22 in Berlin, Germany. If you would like to submit a proposal, the [call for participation (CFP)](https://cfp.3mdeb.com/qubes-os-summit-2024/cfp) closes on 2024-08-07 at 23:59 CEST (UTC+2). 10 | -------------------------------------------------------------------------------- /2018-10-24-xsa-278-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-278 does not affect the security of Qubes OS" 4 | date: 2018-10-24 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | Dear Qubes Community, 10 | 11 | The Xen Project has published Xen Security Advisory 278 (XSA-278). This 12 | XSA does **not** affect the security of Qubes OS, and no user action is 13 | necessary. 14 | 15 | This XSA has been added to the [XSA Tracker]: 16 | 17 | [https://www.qubes-os.org/security/xsa/#278](/security/xsa/#278) 18 | 19 | 20 | [XSA Tracker]: /security/xsa/ 21 | 22 | -------------------------------------------------------------------------------- /2018-11-06-xsa-282-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-282 does not affect the security of Qubes OS" 4 | date: 2018-11-06 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | Dear Qubes Community, 10 | 11 | The Xen Project has published Xen Security Advisory 282 (XSA-282). This 12 | XSA does **not** affect the security of Qubes OS, and no user action is 13 | necessary. 14 | 15 | This XSA has been added to the [XSA Tracker]: 16 | 17 | [https://www.qubes-os.org/security/xsa/#282](/security/xsa/#282) 18 | 19 | 20 | [XSA Tracker]: /security/xsa/ 21 | 22 | -------------------------------------------------------------------------------- /2024-03-13-qubes-os-summit-2024.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2024: September 20-22 in Berlin" 4 | categories: 5 | - announcements 6 | - talks 7 | --- 8 | 9 | In conjunction with [3mdeb](https://3mdeb.com/), the sixth edition of our Qubes OS Summit will be held live this year from September 20 to 22 in Berlin, Germany! For more information about this event, please see: 10 | 11 | If you would like to submit a proposal, the Call for Participation (CFP) is open until August 7: 12 | -------------------------------------------------------------------------------- /2023-08-25-qubes-os-summit-2023.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2023: October 6-8 in Berlin" 4 | categories: 5 | - announcements 6 | - talks 7 | --- 8 | 9 | In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes OS Summit will be held live this year from October 6 to 8 in Berlin, Germany! For more information about this event, including the CFP (which is open until October 2), please see: 10 | 11 | [![Qubes OS Summit 2023 poster](/attachment/posts/qubes-os-summit-2023.png)](/attachment/posts/qubes-os-summit-2023.png) 12 | -------------------------------------------------------------------------------- /2022-03-23-qubes-os-configuration-survey.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: Qubes OS configuration survey! (5-10 minutes) 4 | categories: announcements 5 | author: Marta Marczykowska-Górecka 6 | --- 7 | 8 | We're working on a simpler, more user-friendly Qubes OS configuration 9 | experience. We invite you all to lend us 5-10 minutes of your time to 10 | participate in this 100% anonymous survey. Your participation will help 11 | us build better GUI tools for system configuration that meet real user 12 | needs. This survey will remain live for 28 days. Thank you! 13 | 14 | 15 | -------------------------------------------------------------------------------- /2016-12-17-interview-the-new-screen-savers.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Interview about Qubes OS on The New Screen Savers" 4 | author: Andrew David Wong 5 | date: 2016-12-17 6 | categories: press 7 | --- 8 | 9 | I gave an interview about Qubes OS yesterday on Leo Laporte's [*The New Screen 10 | Savers*](https://twit.tv/shows/new-screen-savers). Here's the video: 11 | 12 | 13 | -------------------------------------------------------------------------------- /2021-05-01-new-app-menu-survey.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: New App Menu Survey! 5-10 minutes of your time 4 | categories: announcements 5 | author: Nina Eleanor Alter 6 | --- 7 | 8 | Hello! This survey will only remain live for 14 days, so please take a few moments, if you are so inclined, to let us know your thoughts on our work so far on designing a new App Menu specific to Qubes OS. Former users, new users, longtime users, technical users, and non-technical users --- we would love to hear from as many folks as possible who have used or are currently using Qubes. 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /2018-04-25-xsa-258-259-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-258 and XSA-259 do not affect the security of Qubes OS" 4 | date: 2018-04-25 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisories 258 and 259 10 | (XSA-258 and XSA-259, respectively). These XSAs do **not** 11 | affect the security of Qubes OS, and no user action is necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#258](/security/xsa/#258) 16 | [https://www.qubes-os.org/security/xsa/#259](/security/xsa/#259) 17 | 18 | 19 | [XSA Tracker]: /security/xsa/ 20 | 21 | -------------------------------------------------------------------------------- /2016-07-04-marek-marczykowski-gorecki-presents-at-rmll-2016.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Marek Marczykowski-Górecki presents at RMLL 2016" 4 | date: 2016-07-04 5 | categories: 6 | - talks 7 | author: Andrew David Wong 8 | --- 9 | 10 | Marek Marczykowski-Górecki, the lead developer of Qubes OS, presented at the 11 | [2016 RMLL Security Track](https://sec2016.rmll.info/) today. The slides from 12 | his presentation, "Improving client systems security with Qubes OS," are 13 | available [here](/attachment/doc/RMLL_2016_Improving-client-systems-security.pdf). 14 | 15 | **Update (2016-08-10):** The video of Marek's talk is now available [here](https://rmll.ubicast.tv/videos/improving-client-systems-security-with-qubes-os/)! 16 | -------------------------------------------------------------------------------- /2019-12-11-xsa-307-308-309-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 307, 308, and 309 do not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisories 307, 308, and 309 9 | (XSA-307, XSA-308, and XSA-309, respectively). These XSAs do **not** 10 | affect the security of Qubes OS, and no user action is necessary. 11 | 12 | These XSAs have been added to the [XSA Tracker]: 13 | 14 | [https://www.qubes-os.org/security/xsa/#307](/security/xsa/#307) 15 | [https://www.qubes-os.org/security/xsa/#308](/security/xsa/#308) 16 | [https://www.qubes-os.org/security/xsa/#309](/security/xsa/#309) 17 | 18 | 19 | [XSA Tracker]: /security/xsa/ 20 | 21 | -------------------------------------------------------------------------------- /2016-10-28-qubes-announce.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Introducing the new qubes-announce read-only mailing list" 4 | date: 2016-10-28 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | We've just introduced a new mailing list: [qubes-announce] 10 | 11 | This is a read-only list for those who wish to receive only very important, 12 | infrequent messages. Only the core Qubes team can post to this list, and only 13 | [Qubes Security Bulletins (QSBs)][qsb] and new Qubes OS releases will be 14 | announced here. Instructions for subscribing to the list are available 15 | [here][qubes-announce]. 16 | 17 | 18 | [qubes-announce]: https://doc.qubes-os.org/en/latest/introduction/support.html#qubes-announce 19 | [qsb]: /doc/security-bulletins/ 20 | -------------------------------------------------------------------------------- /2016-10-11-marek-marczykowski-gorecki-security-pwning-conference-2016.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Marek Marczykowski-Górecki to present at the Security PWNing Conference 2016" 4 | date: 2016-10-11 5 | categories: talks 6 | author: Andrew David Wong 7 | --- 8 | 9 | Marek Marczykowski-Górecki will be presenting at the first annual [Security 10 | PWNing Conference 2016](https://www.instytutpwn.pl/konferencja/pwning2016/), 11 | which will take place in Warsaw, Poland on November 7-8, 2016. 12 | 13 | The title of his presentation, in English, will be, "Not so trusted devices and 14 | what you can do about it in Qubes OS." 15 | 16 | [![security-pwning-conference-2016](/attachment/posts/security-pwning-conference-2016.jpg)](https://www.instytutpwn.pl/konferencja/pwning2016/) 17 | -------------------------------------------------------------------------------- /2018-02-27-xsa-252-255-256-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-252, XSA-255, and XSA-256 do not affect the security of Qubes OS" 4 | date: 2018-02-27 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisories 252, 255, and 256 10 | (XSA-252, XSA-255, and XSA-256, respectively). These XSAs do **not** 11 | affect the security of Qubes OS, and no user action is necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#252](/security/xsa/#252) 16 | [https://www.qubes-os.org/security/xsa/#255](/security/xsa/#255) 17 | [https://www.qubes-os.org/security/xsa/#256](/security/xsa/#256) 18 | 19 | 20 | [XSA Tracker]: /security/xsa/ 21 | 22 | -------------------------------------------------------------------------------- /2018-06-27-xsa-264-265-266-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-264, XSA-265, and XSA-266 do not affect the security of Qubes OS" 4 | date: 2018-06-27 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisories 264, 265 and 266 10 | (XSA-264, XSA-265, and XSA-266, respectively). These XSAs do **not** 11 | affect the security of Qubes OS, and no user action is necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#264](/security/xsa/#264) 16 | [https://www.qubes-os.org/security/xsa/#265](/security/xsa/#265) 17 | [https://www.qubes-os.org/security/xsa/#266](/security/xsa/#266) 18 | 19 | 20 | [XSA Tracker]: /security/xsa/ 21 | 22 | -------------------------------------------------------------------------------- /2017-12-12-xsa-245-251-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-248 through XSA-251 do not affect the security of Qubes OS" 4 | date: 2017-12-12 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisories 248 through 251 (XSA-248 through XSA-251). 10 | These XSAs do **not** affect the security of Qubes OS, and no user action is necessary. 11 | 12 | These XSAs have been added to the [XSA Tracker](/security/xsa/): 13 | 14 | - [https://www.qubes-os.org/security/xsa/#248](/security/xsa/#248) 15 | - [https://www.qubes-os.org/security/xsa/#249](/security/xsa/#249) 16 | - [https://www.qubes-os.org/security/xsa/#250](/security/xsa/#250) 17 | - [https://www.qubes-os.org/security/xsa/#251](/security/xsa/#251) 18 | 19 | -------------------------------------------------------------------------------- /2024-09-19-reminder-qubes-os-summit-2024-starts-tomorrow.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Reminder: Qubes OS Summit 2024 starts tomorrow!" 4 | categories: 5 | - announcements 6 | image: /attachment/posts/qubes-os-summit-2024.jpg 7 | --- 8 | 9 | Join us tomorrow, September 20, at 10:00 AM (CEST) for [Qubes OS Summit 2024](https://vpub.dasharo.com/e/16/qubes-os-summit-2024/)! 10 | 11 | [Free virtual tickets](https://vpub.dasharo.com/e/16/qubes-os-summit-2024/#tickets) are still available. For those with on-site tickets, see you at The Social Hub in Berlin! 12 | 13 | This year's summit will continue until September 22 at 8:00 PM (20:00 CEST). 14 | 15 | [![Qubes OS Summit 2024 event poster](/attachment/posts/qubes-os-summit-2024.jpg)](https://vpub.dasharo.com/e/16/qubes-os-summit-2024/) 16 | -------------------------------------------------------------------------------- /2018-12-27-introduction-to-qubes-at-35c3.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Introduction to Qubes this Saturday at the 35th CCC in Leipzig" 4 | date: 2018-12-27 5 | categories: talks 6 | author: Andrew David Wong 7 | --- 8 | 9 | [Wojtek Porczyk] will be hosting an ["Introduction to Qubes OS"] workshop this 10 | Saturday (2018-12-29) at the [35th Chaos Communication Congress (35C3)] in 11 | Leipzig, Germany. We'll start with the absolute basics and build from there; no 12 | prior knowledge needed! All are welcome! 13 | 14 | 15 | [Wojtek Porczyk]: /team/#wojtek-porczyk 16 | ["Introduction to Qubes OS"]: https://events.ccc.de/congress/2018/wiki/index.php/Session:Introduction_to_Qubes_OS 17 | [35th Chaos Communication Congress (35C3)]: https://events.ccc.de/congress/2018/wiki/index.php/Main_Page 18 | 19 | -------------------------------------------------------------------------------- /2024-08-11-qubes-os-summit-2024-tickets-now-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2024: Tickets now available!" 4 | categories: 5 | - announcements 6 | --- 7 | 8 | You can now get [free tickets](https://vpub.dasharo.com/e/16/qubes-os-summit-2024/#tickets) to attend this year's [Qubes OS Summit](https://vpub.dasharo.com/e/16/qubes-os-summit-2024), which will be held from September 20 to 22 in Berlin, Germany. Tickets are available for both virtual and on-site attendance. Physical seating is limited, so on-site tickets will be granted on a first-come, first-served basis. (However, please note that failing to attend after obtaining an on-site ticket may prevent you from obtaining other on-site tickets for future events, so please refrain from obtaining an on-site ticket unless you're serious about joining us in person!) 9 | -------------------------------------------------------------------------------- /2023-09-19-tickets-for-qubes-os-summit-2023-now-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Tickets for Qubes OS Summit 2023 are now available!" 4 | categories: 5 | - announcements 6 | - talks 7 | author: 3mdeb 8 | --- 9 | 10 | [![Tickets are available for Qubes OS Summit 2023](/attachment/posts/qubes-os-summit-2023-tickets.png)](/attachment/posts/qubes-os-summit-2023-tickets.png) 11 | 12 | We have options for everyone: 13 | 14 | - Virtual Qubes Pass for online attendees 15 | - On-site Qubes Pass for those ready to join us in Berlin 16 | 17 | Number of the On-site Qubes Passes is limited, so book only if you will be there. Both tickets are free. Read more at: 18 | 19 | Have insights to share? 20 | Want to be a sponsor? 21 | -------------------------------------------------------------------------------- /2018-11-20-xsa-276-277-279-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-276, XSA-277, and XSA-279 do not affect the security of Qubes OS" 4 | date: 2018-11-20 5 | categories: security 6 | author: Andrew David Wong 7 | redirect_from: /news/2018/11/19/xsa-276-277-279-qubes-not-affected/ 8 | --- 9 | 10 | The Xen Project has published Xen Security Advisories 276, 277, and 279 11 | (XSA-276, XSA-277, and XSA-279, respectively). These XSAs do **not** 12 | affect the security of Qubes OS, and no user action is necessary. 13 | 14 | These XSAs have been added to the [XSA Tracker]: 15 | 16 | [https://www.qubes-os.org/security/xsa/#276](/security/xsa/#276) 17 | [https://www.qubes-os.org/security/xsa/#277](/security/xsa/#277) 18 | [https://www.qubes-os.org/security/xsa/#279](/security/xsa/#279) 19 | 20 | 21 | [XSA Tracker]: /security/xsa/ 22 | 23 | -------------------------------------------------------------------------------- /2019-10-31-xsa-296-298-301-303-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 296, 298, 301, and 303 do not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisories 296, 298, 301, 9 | and 303 (XSA-296, XSA-298, XSA-301, and XSA-303, respectively). These 10 | XSAs do **not** affect the security of Qubes OS, and no user action is 11 | necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#296](/security/xsa/#296) 16 | [https://www.qubes-os.org/security/xsa/#298](/security/xsa/#298) 17 | [https://www.qubes-os.org/security/xsa/#301](/security/xsa/#301) 18 | [https://www.qubes-os.org/security/xsa/#303](/security/xsa/#303) 19 | 20 | 21 | [XSA Tracker]: /security/xsa/ 22 | 23 | -------------------------------------------------------------------------------- /2020-04-15-xsa-313-314-316-318-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 313, 314, 316, and 318 do not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisories 313, 314, 316, 9 | and 318 (XSA-313, XSA-314, XSA-316, and XSA-318, respectively). These 10 | XSAs do **not** affect the security of Qubes OS, and no user action is 11 | necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#313](/security/xsa/#313) 16 | [https://www.qubes-os.org/security/xsa/#314](/security/xsa/#314) 17 | [https://www.qubes-os.org/security/xsa/#316](/security/xsa/#316) 18 | [https://www.qubes-os.org/security/xsa/#318](/security/xsa/#318) 19 | 20 | 21 | [XSA Tracker]: /security/xsa/ 22 | 23 | -------------------------------------------------------------------------------- /2020-07-07-xsa-317-319-327-328-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 317, 319, 327, and 328 do not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published Xen Security Advisories 317, 319, 327, and 9 | 328 (XSA-317, XSA-319, XSA-327, and XSA-328, respectively). These 10 | XSAs do **not** affect the security of Qubes OS, and no user action is 11 | necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#317](/security/xsa/#317) 16 | [https://www.qubes-os.org/security/xsa/#319](/security/xsa/#319) 17 | [https://www.qubes-os.org/security/xsa/#327](/security/xsa/#327) 18 | [https://www.qubes-os.org/security/xsa/#328](/security/xsa/#328) 19 | 20 | 21 | [XSA Tracker]: /security/xsa/ 22 | 23 | -------------------------------------------------------------------------------- /2020-09-20-get-paid-to-support-qubes-development-through-automated-testing.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Get paid to support Qubes development through automated testing! (three-month contract)" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Qubes OS Project is seeking an expert in automated testing. We use 9 | OpenQA and Travis to test changes to the Qubes OS source code and 10 | automated building from source. We're looking for someone who can help 11 | with improving both the automated tests themselves and the testing 12 | infrastructure. 13 | 14 | This is a paid position on a three-month part-time contract through the 15 | Internews BASICS project (Building Analytical and Support Infrastructure 16 | for Critical Security tools): 17 | 18 | 19 | -------------------------------------------------------------------------------- /2017-09-13-joanna-rutkowska-secure-computing-decentralized-world.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Joanna Rutkowska: Reasonably Secure Computing in the Decentralized World" 4 | date: 2017-09-13 5 | categories: talks 6 | author: Andrew David Wong 7 | --- 8 | 9 | [Joanna Rutkowska](/team/#joanna-rutkowska) recently gave a presentation titled 10 | "Reasonably Secure Computing in the Decentralized World (An Operating System 11 | Architect's Perspective)" at a public event hosted by 12 | [The Golem Project](https://golem.network/) in Berlin, Germany 13 | called "Golem and Friends: Data, Security, Scaling and More...." 14 | The slides from her presentation are available 15 | [here](/attachment/doc/Secure_Computing_in_Decentralized_World.pdf). 16 | The event was streamed live, and the video is available 17 | [here](https://www.youtube.com/watch?v=B1QCm09BvP4&feature=youtu.be&t=31m52s). 18 | -------------------------------------------------------------------------------- /2019-04-30-qubes-os-accepted-into-season-of-docs.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS accepted into 2019 Google Season of Docs. Technical writers, please apply!" 4 | categories: announcements 5 | author: Michael Carbone 6 | --- 7 | 8 | We are pleased to announce Qubes OS has been accepted into the [2019 Google Season of Docs][gsod] program, which aims to support technical writers in participating in free and open source projects. 9 | 10 | If you are a technical writer, feel free to explore [our Season of Docs page][qubes-gsod] which provides an overview of potential documentation ideas we are excited about, and follow the [Season of Docs process][process-apply] to apply to collaborate with us! 11 | 12 | [gsod]: https://developers.google.com/season-of-docs/ 13 | [qubes-gsod]: /gsod/ 14 | [process-apply]: https://developers.google.com/season-of-docs/docs/tech-writer-guide 15 | -------------------------------------------------------------------------------- /2016-09-02-qubes-os-3-0-eol-on-2016-09-09.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.0 reaches EOL on 2016-09-09" 4 | date: 2016-09-02 5 | categories: 6 | - announcements 7 | - releases 8 | author: Andrew David Wong 9 | --- 10 | Qubes OS releases are normally supported for six months after each subsequent 11 | major or minor release (see [supported releases] and [Version Scheme]). In 12 | accordance with this policy, Qubes 3.0, which was released on 2015-10-01, is 13 | scheduled to reach end-of-life (EOL) on 2016-09-09 --- six months after Qubes 14 | 3.1 was released on 2016-03-09. We strongly urge all current Qubes 3.0 users to 15 | upgrade to Qubes 3.1 or newer before 2016-09-09. As always, newer releases are 16 | available on the [downloads] page. 17 | 18 | [supported releases]: /doc/supported-releases/ 19 | [Version Scheme]: /doc/version-scheme/ 20 | [downloads]: /downloads/ 21 | -------------------------------------------------------------------------------- /2017-02-01-qubes-project.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Introducing the new qubes-project mailing list" 4 | date: 2017-02-01 5 | categories: announcements 6 | author: Michael Carbone 7 | --- 8 | 9 | We've just introduced a new mailing list: [qubes-project] 10 | 11 | This list is for non-technical discussion and coordination around the Qubes OS project. Examples of topics or question suitable for this list include: 12 | 13 | * Participation (talks, workshops, etc.) at upcoming events 14 | * Project funding applications and strategies 15 | * FOSS governance discussions 16 | * Outreach/propaganda materials 17 | * Most GitHub issues tagged “[business][business]” 18 | 19 | [qubes-project]: https://doc.qubes-os.org/en/latest/introduction/support.html#qubes-project 20 | [business]: https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aopen%20label%3Abusiness 21 | -------------------------------------------------------------------------------- /2017-03-01-qubes-os-3-1-eol-on-2017-03-29.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.1 reaches EOL on 2017-03-29" 4 | date: 2017-03-01 5 | categories: 6 | - announcements 7 | - releases 8 | author: Andrew David Wong 9 | --- 10 | Qubes OS releases are normally supported for six months after each subsequent 11 | major or minor release (see [supported releases] and [Version Scheme]). In 12 | accordance with this policy, Qubes 3.1, which was released on 2016-03-09, is 13 | scheduled to reach end-of-life (EOL) on 2017-03-29 --- six months after Qubes 14 | 3.2 was released on 2016-09-29. We strongly urge all current Qubes 3.1 users to 15 | upgrade to Qubes 3.2 or newer before 2017-03-29. As always, newer releases are 16 | available on the [downloads] page. 17 | 18 | [supported releases]: /doc/supported-releases/ 19 | [Version Scheme]: /doc/version-scheme/ 20 | [downloads]: /downloads/ 21 | -------------------------------------------------------------------------------- /2022-12-16-proton-charity-fundraiser.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Support the Qubes OS Project via Proton's charity fundraiser!" 4 | categories: announcements 5 | author: Andrew David Wong 6 | image: /attachment/posts/proton-lifetime-fundraiser.png 7 | --- 8 | 9 | The Qubes OS Project is grateful to have been selected as one of the beneficiaries of this year's [Proton](https://proton.me/) charity fundraiser alongside so many other wonderful organizations. The continued support of the privacy community means the world to us! For details about the fundraiser and how you can participate, please see the official Proton blog post: [The 2022 Lifetime Account Charity Fundraiser has started!](https://proton.me/blog/2022-lifetime-account-charity-fundraiser) 10 | 11 | [![Proton Lifetime Fundraiser](/attachment/posts/proton-lifetime-fundraiser.png)](https://proton.me/blog/2022-lifetime-account-charity-fundraiser) 12 | -------------------------------------------------------------------------------- /2018-06-17-marek-marczykowski-gorecki-xen-summit-2018.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Marek Marczykowski-Górecki to speak at the Xen Developer and Design Summit 2018" 4 | date: 2018-06-17 5 | categories: talks 6 | author: Andrew David Wong 7 | --- 8 | 9 | [Marek Marczykowski-Górecki] will be speaking at this year's [Xen Developer and 10 | Design Summit]. The summit will take place in Nanjing Jiangning, China from June 11 | 20--22, 2018. Marek will present on linux-based device model stubdomains in 12 | Qubes OS. For more information about the summit, please see the [announcement on 13 | the Xen blog]. 14 | 15 | 16 | [Marek Marczykowski-Górecki]: /team/#marek-marczykowski-górecki 17 | [Xen Developer and Design Summit]: https://www.lfasiallc.com/events/xensummit2018/ 18 | [announcement on the Xen blog]: https://blog.xenproject.org/2018/05/03/xen-project-announces-schedule-for-its-annual-developer-and-design-summi/ 19 | -------------------------------------------------------------------------------- /2018-08-03-micah-lee-hope-conf-2018.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "[Video] Micah Lee presents Qubes OS at HOPE 2018" 4 | date: 2018-08-03 5 | categories: talks 6 | author: Andrew David Wong 7 | --- 8 | 9 | [Micah Lee], a long-time Qubes [advocate], presented [Qubes OS: The Operating 10 | System That Can Protect You Even If You Get Hacked] at the [Circle of HOPE] 11 | conference, which took place July 20-22, 2018 in New York City. A video 12 | recording of Micah's presentation is available [here][video]. 13 | 14 | 15 | [Micah Lee]: https://micahflee.com/ 16 | [advocate]: /endorsements/ 17 | [Qubes OS: The Operating System That Can Protect You Even If You Get Hacked]: https://www.hope.net/schedule.html#-qubes-os-the-operating-system-that-can-protect-you-even-if-you-get-hacked- 18 | [Circle of HOPE]: https://www.hope.net/index.html 19 | [video]: https://livestream.com/internetsociety2/hope/videos/178431606 20 | 21 | -------------------------------------------------------------------------------- /2018-08-14-xsa-268-269-271-272-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-268, XSA-269, XSA-271, and XSA-272 do not affect the security of Qubes OS" 4 | date: 2018-08-14 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | Dear Qubes Community, 10 | 11 | The Xen Project has published Xen Security Advisories 268, 269, 271, 12 | and 272 (XSA-268, XSA-269, XSA-271, and XSA-272, respectively). These 13 | XSAs do **not** affect the security of Qubes OS, and no user action is 14 | necessary. 15 | 16 | These XSAs have been added to the [XSA Tracker]: 17 | 18 | [https://www.qubes-os.org/security/xsa/#268](/security/xsa/#268) 19 | [https://www.qubes-os.org/security/xsa/#269](/security/xsa/#269) 20 | [https://www.qubes-os.org/security/xsa/#271](/security/xsa/#271) 21 | [https://www.qubes-os.org/security/xsa/#272](/security/xsa/#272) 22 | 23 | 24 | [XSA Tracker]: /security/xsa/ 25 | 26 | -------------------------------------------------------------------------------- /2021-04-10-get-paid-to-support-qubes-development-through-automated-testing.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Get paid to support Qubes development through automated testing! (six-month contract)" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Qubes OS Project is seeking an expert in automated testing. We use 9 | OpenQA and GitLab CI to test changes to the Qubes OS source code and 10 | automated building from source. We're looking for someone who can help 11 | with improving both the automated tests themselves and the testing 12 | infrastructure. 13 | 14 | This is a paid position on a six-month part-time contract with a 15 | budgeted rate of $30-50 USD per hour through the Internews BASICS 16 | project (Building Analytical and Support Infrastructure for Critical 17 | Security tools): 18 | 19 | 20 | -------------------------------------------------------------------------------- /2016-02-24-qubes-OS-3-1-rc3-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.1 rc3 has been released!" 4 | date: 2016-02-24 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Marek Marczykowski-Górecki 9 | --- 10 | Today we're releasing the third release candidate of Qubes 3.1, with some 11 | (hopefully) last few important bugs fixed over the 12 | [previous release candidate][qubes-31-rc2-announced]. 13 | 14 | Read the [release notes][release-notes] for more details, installation and update 15 | instructions. The installation image can be downloaded from [here][download]. 16 | 17 | We would like to thanks all the users testing release candidates and all the 18 | bug reports! This allows us to make the final release as stable as possible. 19 | 20 | [qubes-31-rc2-announced]: /news/2016/01/12/qubes-OS-3-1-rc2-has-been-released/ 21 | [release-notes]: /doc/releases/3.1/release-notes/ 22 | [download]: /downloads/ 23 | -------------------------------------------------------------------------------- /2016-11-19-qubes-at-33C3.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "The Qubes Project will be present at 33C3" 4 | date: 2016-11-19 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Qubes Project will be present at the [33rd Chaos Communication Congress 10 | (33C3)], which will take place on December 27 to 30, 2016 at the [Congress 11 | Center Hamburg] in Germany. The [Qubes subassembly] will be located at the 12 | [Secure Desktops assembly] along with [Whonix], [Subgraph], and [Tails]. 13 | 14 | [33rd Chaos Communication Congress (33C3)]: https://events.ccc.de/congress/2016/wiki/Main_Page 15 | [Congress Center Hamburg]: http://www.cch.de/ 16 | [Qubes subassembly]: https://events.ccc.de/congress/2016/wiki/Projects:Qubes 17 | [Secure Desktops assembly]: https://events.ccc.de/congress/2016/wiki/Assembly:Secure_Desktops 18 | [Whonix]: https://www.whonix.org/ 19 | [Subgraph]: https://subgraph.com/ 20 | [Tails]: https://tails.boum.org/ 21 | -------------------------------------------------------------------------------- /2019-03-05-xsa-284-290-291-293-294-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 284, 290, 291, 293, and 294 do not affect the security of Qubes OS" 4 | date: 2019-03-05 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisories 284, 290, 291, 10 | 293, and 294 (XSA-284, XSA-290, XSA-291, XSA-293, and XSA-294, 11 | respectively). These XSAs do **not** affect the security of Qubes OS, 12 | and no user action is necessary. 13 | 14 | These XSAs have been added to the [XSA Tracker]: 15 | 16 | [https://www.qubes-os.org/security/xsa/#284](/security/xsa/#284) 17 | [https://www.qubes-os.org/security/xsa/#290](/security/xsa/#290) 18 | [https://www.qubes-os.org/security/xsa/#291](/security/xsa/#291) 19 | [https://www.qubes-os.org/security/xsa/#293](/security/xsa/#293) 20 | [https://www.qubes-os.org/security/xsa/#294](/security/xsa/#294) 21 | 22 | 23 | [XSA Tracker]: /security/xsa/ 24 | 25 | -------------------------------------------------------------------------------- /2018-05-24-partnering-with-the-freedom-of-the-press-foundation.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Partnering with the Freedom of the Press Foundation" 4 | date: 2018-05-24 5 | author: Andrew David Wong 6 | categories: announcements 7 | --- 8 | 9 | We're pleased to announce that the [Freedom of the Press Foundation 10 | (FPF)] has become a [Qubes Partner]. We look forward to continuing to 11 | work with the FPF on an [integrated SecureDrop Workstation] based on 12 | Qubes OS. For more about what this collaboration entails and our next 13 | steps together, please see [today's announcement on the SecureDrop 14 | blog]. 15 | 16 | 17 | [Freedom of the Press Foundation (FPF)]: https://freedom.press/ 18 | [Qubes Partner]: /partners/#freedom-of-the-press-foundation 19 | [integrated SecureDrop Workstation]: https://github.com/freedomofpress/securedrop-workstation 20 | [today's announcement on the SecureDrop blog]: https://securedrop.org/news/road-towards-integrated-securedrop-workstation/ 21 | -------------------------------------------------------------------------------- /2019-01-21-xsa-289-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSA-289 does not affect the security of Qubes OS" 4 | date: 2019-01-21 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Xen Project has published Xen Security Advisory 289 (XSA-289). 10 | This XSA does **not** affect the security of Qubes OS, and no user 11 | action is necessary. 12 | 13 | XSA-289 is unusual in that it does not disclose any new 14 | vulnerabilities. Rather, it is only for the purpose of providing 15 | information about previously-disclosed vulnerabilities. These 16 | vulnerabilities were all patched in Qubes OS as part of [QSB #43], 17 | which we published on 2018-09-02. Therefore, XSA-289 does not affect 18 | the security of updated Qubes OS installations. 19 | 20 | 21 | This XSA has been added to the [XSA Tracker]: 22 | 23 | [https://www.qubes-os.org/security/xsa/#289](/security/xsa/#289) 24 | 25 | 26 | [XSA Tracker]: /security/xsa/ 27 | [QSB #43]: /news/2018/09/02/qsb-43/ 28 | 29 | -------------------------------------------------------------------------------- /2021-01-22-xsas-released-on-2021-01-21.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-01-21" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project released one or more new Xen Security Advisories (XSAs) on 2021-01-21. 9 | The security of Qubes OS **is not affected** by these XSAs. 10 | Therefore, **user action is not required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | None. 17 | 18 | 19 | XSAs that do not affect the security of Qubes OS (no user action required) 20 | -------------------------------------------------------------------------- 21 | 22 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 23 | 24 | - XSA-360 (DoS only) 25 | 26 | 27 | Related links 28 | ------------- 29 | 30 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 31 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 32 | - [XSA Tracker](/security/xsa/) 33 | 34 | -------------------------------------------------------------------------------- /2016-08-31-qubes-OS-3-2-rc3-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.2 rc3 has been released!" 4 | date: 2016-08-31 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Marek Marczykowski-Górecki 9 | --- 10 | Today we're releasing the third release candidate for Qubes 3.2, which includes 11 | some final bug fixes over the [previous release candidate][qubes-32-rc2-announced]. 12 | We believe this will be the last release candidate, which will become the final 13 | 3.2 release in coming weeks. 14 | 15 | For more details about new features introduced in Qubes 3.2 in general, read 16 | the [release notes][release-notes]. The installation image can be downloaded 17 | from [here][download]. 18 | 19 | Thank you to all the users testing release candidates and submitting bug 20 | reports! Your feedback helps us to make the final release as stable as possible. 21 | 22 | [qubes-32-rc2-announced]: /news/2016/07/28/qubes-OS-3-2-rc2-has-been-released/ 23 | [release-notes]: /doc/releases/3.2/release-notes/ 24 | [download]: /downloads/ 25 | -------------------------------------------------------------------------------- /2020-09-22-xsa-333-334-336-338-339-342-344-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 333, 334, 336, 338, 339, 342, and 344 do not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published the following Xen Security Advisories: 9 | XSA-333, XSA-334, XSA-336, XSA-338, XSA-339, XSA-342, and XSA-344. 10 | These XSAs do **not** affect the security of Qubes OS, and no user 11 | action is necessary. 12 | 13 | These XSAs have been added to the [XSA Tracker]: 14 | 15 | [https://www.qubes-os.org/security/xsa/#333](/security/xsa/#333) 16 | [https://www.qubes-os.org/security/xsa/#334](/security/xsa/#334) 17 | [https://www.qubes-os.org/security/xsa/#336](/security/xsa/#336) 18 | [https://www.qubes-os.org/security/xsa/#338](/security/xsa/#338) 19 | [https://www.qubes-os.org/security/xsa/#339](/security/xsa/#339) 20 | [https://www.qubes-os.org/security/xsa/#342](/security/xsa/#342) 21 | [https://www.qubes-os.org/security/xsa/#344](/security/xsa/#344) 22 | 23 | 24 | [XSA Tracker]: /security/xsa/ 25 | 26 | -------------------------------------------------------------------------------- /2022-07-26-xsas-released-on-2022-07-26.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-07-26" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected**. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | ## XSAs that affect the security of Qubes OS (user action required) 14 | 15 | The following XSAs **do affect** the security of Qubes OS: 16 | 17 | - (none) 18 | 19 | 20 | ## XSAs that do not affect the security of Qubes OS (no user action required) 21 | 22 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 23 | 24 | - XSA-408 (shadow mode is disabled at build time) 25 | 26 | 27 | ## Related links 28 | 29 | - Xen XSA list: 30 | - Qubes XSA tracker: 31 | - Qubes security pack (qubes-secpack): 32 | - Qubes security bulletins (QSBs): 33 | -------------------------------------------------------------------------------- /2021-03-18-xsas-released-on-2021-03-18.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-03-18" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more new Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected** by these XSAs. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-368 (DoS only) 27 | 28 | 29 | Related links 30 | ------------- 31 | 32 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 33 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 34 | - [XSA Tracker](/security/xsa/) 35 | 36 | -------------------------------------------------------------------------------- /2021-03-30-xsas-released-on-2021-03-30.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-03-30" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more new Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected** by these XSAs. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-371 (DoS only) 27 | 28 | 29 | Related links 30 | ------------- 31 | 32 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 33 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 34 | - [XSA Tracker](/security/xsa/) 35 | 36 | -------------------------------------------------------------------------------- /2019-03-28-qubes-3-2-has-reached-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.2 has reached EOL" 4 | categories: 5 | - announcements 6 | - releases 7 | author: Andrew David Wong 8 | --- 9 | 10 | Qubes OS 3.2 has officially reached end-of-life (EOL). We strongly urge 11 | all current Qubes 3.2 users to [upgrade to Qubes 4.0] immediately. 12 | As always, the support statuses of all Qubes OS and TemplateVM versions 13 | are available on the [supported releases] page, and the latest release 14 | is available on the [Downloads] page. 15 | 16 | Previous announcements: 17 | - [Extended Support for Qubes OS 3.2] 18 | - [Qubes 4.0: The Past and the Future] 19 | - [Qubes 3.2 approaching EOL on 2019-03-28] 20 | 21 | 22 | [upgrade to Qubes 4.0]: /doc/upgrade-to-r4.0/ 23 | [supported releases]: /doc/supported-releases/ 24 | [Downloads]: /downloads/ 25 | [Extended Support for Qubes OS 3.2]: /news/2016/09/02/4-0-minimum-requirements-3-2-extended-support/#extended-support-for-qubes-os-32 26 | [Qubes 4.0: The Past and the Future]: /news/2018/03/28/qubes-40/#the-past-and-the-future 27 | [Qubes 3.2 Approaching EOL on 2019-03-28]: /news/2019/02/20/qubes-3-2-approaching-eol 28 | 29 | -------------------------------------------------------------------------------- /2021-03-04-xsas-released-on-2021-03-04.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-03-04" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project released one or more new Xen Security Advisories (XSAs) on 2021-03-04. 9 | The security of Qubes OS **is not affected** by these XSAs. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-367 (not affected; Qubes uses PVH/HVM) 27 | - XSA-369 (DoS only) 28 | 29 | 30 | Related links 31 | ------------- 32 | 33 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 34 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 35 | - [XSA Tracker](/security/xsa/) 36 | 37 | -------------------------------------------------------------------------------- /2020-05-22-moss-mission-partners-award.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes wins MOSS Mission Partners award!" 4 | categories: announcements 5 | author: Andrew David Wong 6 | redirect_from: /news/2020/05/22/moss-mission-partners-grant/ 7 | --- 8 | 9 | We're proud to announce that the Qubes OS Project has won a 10 | [Mozilla Open Source Support (MOSS)] award in the amount 11 | of 128,000 USD. This generous one-year award will fund the work of 12 | [Frédéric Pierret] on making Qubes more robust and stable, as well as 13 | several key parts of Nina Alter's extensive work on making Qubes more 14 | user-friendly. 15 | 16 | There are three separate tracks for MOSS awards. Qubes has won an 17 | award in the [Mission Partners] track. As Mozilla explains, "The 18 | Mission Partners track supports open source projects that significantly 19 | advance Mozilla’s mission." It is a great honor for Qubes to be 20 | recognized as such a project, and we're thrilled by the important work 21 | that this award will enable. 22 | 23 | 24 | [Mozilla Open Source Support (MOSS)]: https://www.mozilla.org/en-US/moss/ 25 | [Frédéric Pierret]: /team/#frédéric-pierret 26 | [Mission Partners]: https://www.mozilla.org/en-US/moss/mission-partners/ 27 | 28 | -------------------------------------------------------------------------------- /2019-08-07-announcing-our-2019-season-of-docs-project.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Announcing our 2019 Season of Docs project: Onboard with Qubes OS!" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Season of Docs program has [announced] the technical writing projects chosen for 2019. 9 | We are pleased to congratulate [Lukas à Porta (aka luzeal)] on the selection of his project: [Onboard with Qubes OS!] 10 | 11 | We received many excellent proposals from talented writers. 12 | Unfortunately, we had to choose just a single one, and this decision was extremely difficult. 13 | Regardless of whether you applied or your proposal was accepted, we invite you to [collaborate on the Qubes documentation]. 14 | The documentation is primarily a community effort, and it only gets better when you get involved! 15 | 16 | 17 | [announced]: https://opensource.googleblog.com/2019/08/season-of-docs-announces-technical.html 18 | [Lukas à Porta (aka luzeal)]: https://groups.google.com/d/topic/qubes-project/0AdqOTpuW1Q/discussion 19 | [Onboard with Qubes OS!]: https://developers.google.com/season-of-docs/docs/participants/project-qubes 20 | [collaborate on the Qubes documentation]: /doc/how-to-edit-the-documentation/ 21 | 22 | -------------------------------------------------------------------------------- /2020-10-20-xsa-286-331-332-345-qubes-not-affected.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs 286, 331, 332, and 345 do not affect the security of Qubes OS" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has published the following Xen Security Advisories: 9 | XSA-286, XSA-331, XSA-332, and XSA-345. These XSAs do **not** affect the 10 | security of Qubes OS, and no user action is necessary. 11 | 12 | **Special note:** Although XSA-345 is included in [QSB #060], we do not 13 | consider XSA-345 to affect the security of Qubes OS, since the default 14 | configuration is safe, and we have already implemented appropriate 15 | safeguards to prevent users from changing to a vulnerable configuration 16 | by accident. Please see the Impact section of [QSB #060] for further 17 | details. 18 | 19 | These XSAs have been added to the [XSA Tracker]: 20 | 21 | [https://www.qubes-os.org/security/xsa/#286](/security/xsa/#286) 22 | [https://www.qubes-os.org/security/xsa/#331](/security/xsa/#331) 23 | [https://www.qubes-os.org/security/xsa/#332](/security/xsa/#332) 24 | [https://www.qubes-os.org/security/xsa/#345](/security/xsa/#345) 25 | 26 | 27 | [QSB #060]: /news/2020/10/20/qsb-060/ 28 | [XSA Tracker]: /security/xsa/ 29 | 30 | -------------------------------------------------------------------------------- /2021-09-08-xsas-released-on-2021-09-08.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-09-08" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected**. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-384 (already covered by the fix for QSB-070) 27 | 28 | 29 | Related links 30 | ------------- 31 | 32 | - Xen XSA list: 33 | - Qubes XSA tracker: 34 | - Qubes security pack (qubes-secpack): 35 | - Qubes security bulletins (QSBs): 36 | 37 | -------------------------------------------------------------------------------- /2022-10-11-xsas-released-on-2022-10-11.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-10-11" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected**. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | ## XSAs that affect the security of Qubes OS (user action required) 14 | 15 | The following XSAs **do affect** the security of Qubes OS: 16 | 17 | - (none) 18 | 19 | 20 | ## XSAs that do not affect the security of Qubes OS (no user action required) 21 | 22 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 23 | 24 | - XSA-409 (ARM architecture only) 25 | - XSA-410 (denial-of-service only) 26 | - XSA-411 (denial-of-service only; gnttab v2 is unused in Qubes OS) 27 | - XSA-413 (denial-of-service only; XAPI is unused in Qubes OS) 28 | 29 | 30 | ## Related links 31 | 32 | - Xen XSA list: 33 | - Qubes XSA tracker: 34 | - Qubes security pack (qubes-secpack): 35 | - Qubes security bulletins (QSBs): 36 | -------------------------------------------------------------------------------- /2021-11-19-xsas-released-on-2021-11-19.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-11-19" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected**. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-390 (affects only Xen versions >=4.15; Qubes currently uses 4.14 and 4.8) 27 | 28 | 29 | Related links 30 | ------------- 31 | 32 | - Xen XSA list: 33 | - Qubes XSA tracker: 34 | - Qubes security pack (qubes-secpack): 35 | - Qubes security bulletins (QSBs): 36 | 37 | -------------------------------------------------------------------------------- /2021-02-19-xsas-released-on-2021-02-18.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-02-18" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project released one or more new Xen Security Advisories (XSAs) on 2021-02-18. 9 | The security of Qubes OS **is affected** by one or more of these XSAs. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-366 19 | 20 | Please see [QSB-065](/news/2021/02/19/qsb-065/) for the actions users must take in order to protect themselves, as well as further details about these XSAs. 21 | 22 | 23 | XSAs that do not affect the security of Qubes OS (no user action required) 24 | -------------------------------------------------------------------------- 25 | 26 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 27 | 28 | - (None) 29 | 30 | 31 | Related links 32 | ------------- 33 | 34 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 35 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 36 | - [XSA Tracker](/security/xsa/) 37 | 38 | -------------------------------------------------------------------------------- /2019-06-27-marek-marczykowski-gorecki-xen-summit-2019.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Marek Marczykowski-Górecki to speak at Xen Developer and Design Summit 2019" 4 | categories: talks 5 | author: Andrew David Wong 6 | --- 7 | 8 | [Marek Marczykowski-Górecki] will be speaking at this year's [Xen 9 | Developer and Design Summit]. The summit will take place July 9--11 in 10 | Chicago, Illinois. Marek's presentation is titled, "A Journey to Mirage 11 | OS as Xen PVH." Here is the description from the [Xen summit schedule]: 12 | 13 | > Marek will present difficulties faced during converting Mirage OS Xen 14 | > build from old PV-only Mini-OS fork, to recent Unikraft with addition 15 | > of PVH support. This talk will focus mostly on the latter part - 16 | > adding PVH support to Unikraft, its current state and future work. 17 | > There will be also a little of context how is that useful for Qubes 18 | > OS. 19 | 20 | Please see the [Xen summit schedule] for further session details. 21 | 22 | [Marek Marczykowski-Górecki]: /team/#marek-marczykowski-górecki 23 | [Xen Developer and Design Summit]: https://events.linuxfoundation.org/events/xensummit-2019/ 24 | [Xen summit schedule]: https://xensummit19.sched.com/event/PFW3/a-journey-to-mirage-os-as-xen-pvh-marek-marczykowski-gorecki-invisible-things-lab 25 | -------------------------------------------------------------------------------- /2025-07-17-qubes-os-summit-2025-tickets-now-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2025: Tickets for sale and Call for Participation open!" 4 | categories: announcements 5 | author: The 3mdeb and Qubes teams 6 | --- 7 | 8 | You can now purchase on-site tickets to attend [Qubes OS Summit 2025](https://events.dasharo.com/event/2/qubes-os-summit-2025) in person! Please note that a limited number of on-site tickets are available, and tickets are more heavily discounted the earlier they're purchased. 9 | 10 | For those who would prefer to participate remotely instead, the event will be broadcast live on YouTube, where anyone can watch with no ticket required. We'll also use Jitsi for remote attendees who wish to participate actively without using YouTube (including remote speakers). This latter option requires a free virtual ticket. 11 | 12 | [![Qubes OS Summit 2025 event poster](/attachment/posts/qubes-os-summit-2025.jpg)](https://events.dasharo.com/event/2/qubes-os-summit-2025) 13 | 14 | In addition, the [Call for Participation (CFP) for Qubes OS Summit 2025](https://cfp.3mdeb.com/qubes-os-summit-2025/cfp) is now open! If you'd like to speak at the summit, we invite you to submit a proposal. The deadline for proposals is 2025-07-31 23:59 (UTC), which is approximately two weeks from now. 15 | -------------------------------------------------------------------------------- /2021-12-20-xsas-released-on-2021-12-20.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-12-20" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected**. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-376 (denial-of-service only) 27 | - XSA-391 (denial-of-service only) 28 | - XSA-392 (denial-of-service only) 29 | 30 | 31 | Related links 32 | ------------- 33 | 34 | - Xen XSA list: 35 | - Qubes XSA tracker: 36 | - Qubes security pack (qubes-secpack): 37 | - Qubes security bulletins (QSBs): 38 | -------------------------------------------------------------------------------- /2018-01-23-qubes-whonix-next-gen-tor-onion-services.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes and Whonix now have next-generation Tor onion services!" 4 | date: 2018-01-23 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Qubes and Whonix projects now have [next-generation Tor onion 10 | services][tor-v3] (a.k.a. "v3 onion services"), which provide [several 11 | security improvements][tor-wiki] over v2 onion services: 12 | 13 | **Qubes:** 14 | **Whonix:** 15 | 16 | These services run alongside our existing ("v2") onion services: 17 | 18 | **Qubes:** 19 | **Whonix:** 20 | 21 | For instructions on accessing the new addresses and further details, 22 | please see the [Whonix announcement]. Our sincere thanks go to the 23 | Whonix team, and especially **fortasse**, the Whonix server 24 | administrator, for doing this. 25 | 26 | 27 | [tor-v3]: https://blog.torproject.org/tors-fall-harvest-next-generation-onion-services 28 | [tor-wiki]: https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions 29 | [Whonix announcement]: https://www.whonix.org/blog/whonix-new-v3-onion-address 30 | -------------------------------------------------------------------------------- /2020-10-09-calling-all-humans.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: Calling all humans! 4 | categories: announcements 5 | author: Nina Eleanor Alter 6 | --- 7 | 8 | Greetings, Qubes community! We are running our first ever survey of current, former, and future Qubes OS users. We invite you all to lend us 10-15min of your time, to participate. Of note: we've had reports that in Firefox on Android devices, it does not work. FYI. 9 | 10 | 11 | 12 | The Qubes OS team loves the conversations we have with our community across forums, email lists, in support tickets, and at conferences. As most of us understand, though, structured data is very different --- and clear information to help us make product and development decisions in the weeks and months to come, we feel is necessary to best serve our users. 13 | 14 | This survey is also just the beginning of several weeks of user research work that will consist of interviews, user testing, co-creation workshop(s) with users guided by a ux specialist, and possibly more surveys. At the end of this survey, we’ll collect contact information should participating in that work be of interest to folks. We also look forward to keeping folks updated in our user communities, with how all of this work is progressing. 15 | 16 | -------------------------------------------------------------------------------- /2024-03-03-novacustom-nv41-series-with-heads-certified.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes-certified NovaCustom NV41 Series laptop now available with Heads firmware" 4 | categories: announcements 5 | author: The NovaCustom and Qubes teams 6 | --- 7 | 8 | Last year, we [announced](/news/2023/05/03/novacustom-nv41-series-qubes-certified/) that the [NovaCustom NV41 Series](https://novacustom.com/product/nv41-series/) became a [Qubes-certified computer](/doc/certified-hardware) for Qubes OS 4. We noted in the announcement that the NV41 Series came with [Dasharo](https://www.dasharo.com/) [coreboot](https://www.coreboot.org/) open-source firmware. 9 | 10 | We are now pleased to announce that the NV41 Series is also available with [Heads firmware](https://osresearch.net/). When you [configure your NV41 Series](https://novacustom.com/product/nv41-series/), you can now choose either Dasharo coreboot+EDK-II (default) or Dasharo coreboot+Heads for the firmware. Both options are certified for Qubes OS 4. This makes the NV41 Series the first modern Qubes-certified computer available with Heads! 11 | 12 | Current NV41 Series owners who wish to change from Dasharo coreboot+EDK-II to the Heads firmware version can [buy the Dasharo Entry Subscription](https://novacustom.com/product/dasharo-entry-subscription/) for an easy transition to Heads. 13 | -------------------------------------------------------------------------------- /2019-07-01-whonix-15-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Whonix 15 has been released" 4 | date: 2019-07-01 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | The [Whonix Project] announced the release of [Whonix 15] today. 10 | Project lead [Patrick Schleizer] wrote: 11 | 12 | > After approximately one year of development, the Whonix Project is proud to announce the release of Whonix 15. 13 | > 14 | > Whonix 15 is based on the Debian buster (Debian 10) distribution. This means users have access to many new software packages in concert with existing packages, such as a modern branch of GNuPG, and more. 15 | 16 | For a list of major new features and further details, please see the [official announcement][Whonix 15]. 17 | 18 | Please note that, according to the [Whonix Support Schedule], Whonix 14 will reach end-of-life (EOL) in one month. 19 | Therefore, all current Whonix users are urged to [upgrade from Whonix 14 to Whonix 15] within the next month. 20 | 21 | 22 | [Whonix Project]: https://www.whonix.org/ 23 | [Whonix 15]: https://forums.whonix.org/t/whonix-15-has-been-released/7616 24 | [Patrick Schleizer]: /team/#patrick-schleizer 25 | [Whonix Support Schedule]: https://www.whonix.org/wiki/About#Support_Schedule 26 | [upgrade from Whonix 14 to Whonix 15]: https://www.whonix.org/wiki/Upgrading_Whonix_14_to_Whonix_15 27 | -------------------------------------------------------------------------------- /2019-02-20-qubes-3-2-approaching-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.2 approaching EOL on 2019-03-28" 4 | date: 2019-02-20 5 | categories: 6 | - announcements 7 | - releases 8 | author: Andrew David Wong 9 | --- 10 | 11 | Qubes OS releases are normally [supported] for six months after each 12 | subsequent [major or minor release]. However, in light of the more 13 | demanding [system requirements] of Qubes 4.0, we previously announced 14 | that we were [extending] the support period for Qubes 3.2 to one full 15 | year after the release of Qubes 4.0. Since Qubes 4.0 was [released] on 16 | 2018-03-28, support for Qubes 3.2 is [extended until 2019-03-28]. 17 | 18 | Therefore, we strongly urge all current Qubes 3.2 users to [upgrade to 19 | Qubes 4.0] before Qubes 3.2 reaches end-of-life (EOL) on 2019-03-28. 20 | As always, the latest release is available on the [downloads] page. 21 | 22 | [supported]: /doc/supported-releases/ 23 | [major or minor release]: /doc/version-scheme/ 24 | [system requirements]: /doc/system-requirements/ 25 | [extending]: /news/2016/09/02/4-0-minimum-requirements-3-2-extended-support/#extended-support-for-qubes-os-32 26 | [released]: /news/2018/03/28/qubes-40/ 27 | [extended until 2019-03-28]: /news/2018/03/28/qubes-40/#the-past-and-the-future 28 | [upgrade to Qubes 4.0]: /doc/upgrade-to-r4.0/ 29 | [downloads]: /downloads/ 30 | 31 | -------------------------------------------------------------------------------- /2021-10-07-xsas-released-on-2021-10-05.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-10-05" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected**. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-386 (in practice affects only Xen 4.14.3+ due to another bug that cancels out this security flaw; the other bug was fixed in 4.14.3, which exposed this flaw) 27 | 28 | 29 | Related links 30 | ------------- 31 | 32 | - Xen XSA list: 33 | - Qubes XSA tracker: 34 | - Qubes security pack (qubes-secpack): 35 | - Qubes security bulletins (QSBs): 36 | 37 | -------------------------------------------------------------------------------- /2016-07-28-qubes-OS-3-2-rc2-has-been-released.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 3.2 rc2 has been released!" 4 | date: 2016-07-28 5 | categories: 6 | - releases 7 | download_url: /downloads/ 8 | author: Andrew David Wong 9 | --- 10 | Today we're releasing the second release candidate for Qubes 3.2, which includes 11 | many bug fixes over the [previous release candidate][qubes-32-rc1-announced]. 12 | All critical bugs we know of are fixed, including XSA 182, which was recently 13 | announced in [Qubes Security Bulletin #24][qsb-24]. However, there are still 14 | some non-critical bugs to iron out prior to final release of 3.2. 15 | 16 | Beginning with this release, we've officially switched from KDE to Xfce4, which 17 | is now the new default desktop environment in dom0. Read the 18 | [release notes][release-notes] for more details, installation and update 19 | instructions. The installation image can be downloaded from [here][download]. 20 | 21 | Thank you to all the users testing release candidates and submitting bug 22 | reports! Your feedback helps us to make the final release as stable as possible. 23 | 24 | [qubes-32-rc1-announced]: /news/2016/06/18/qubes-OS-3-2-rc1-has-been-released/ 25 | [qsb-24]: https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-024-2016.txt 26 | [release-notes]: /doc/releases/3.2/release-notes/ 27 | [download]: /downloads/ 28 | -------------------------------------------------------------------------------- /2018-01-04-xsa-254-meltdown-spectre.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Announcement regarding XSA-254 (Meltdown and Spectre attacks)" 4 | date: 2018-01-04 5 | categories: security 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Qubes Security Team is currently investigating the extent to which 10 | [XSA-254] (and the [Meltdown] and [Spectre] attacks more generally) 11 | affect the security of Qubes OS. The practical impact of these attacks 12 | on Qubes is currently unclear. While the Qubes Security Team is a 13 | member of the [Xen predisclosure list], [XSA-254] was disclosed on an 14 | accelerated timetable ahead of schedule, so our team has not yet had a 15 | chance to analyze these attacks, nor has the Xen Project released any 16 | patches associated with [XSA-254]. We are continuing to monitor the 17 | situation closely. Once the Security Team makes a determination about 18 | the impact on Qubes, we will make another announcement, update the 19 | [XSA Tracker], and, if appropriate, issue a [Qubes Security Bulletin] 20 | with information about patching. 21 | 22 | [XSA-254]: https://xenbits.xen.org/xsa/advisory-254.html 23 | [Meltdown]: https://meltdownattack.com/ 24 | [Spectre]: https://spectreattack.com/ 25 | [Xen predisclosure list]: https://www.xenproject.org/security-policy.html 26 | [XSA Tracker]: /security/xsa/ 27 | [Qubes Security Bulletin]: /security/qsb/ 28 | 29 | -------------------------------------------------------------------------------- /2021-05-04-xsas-released-on-2021-05-04.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-05-04" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more new Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is not affected** by these XSAs. 10 | Therefore, **no user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - (None) 19 | 20 | 21 | XSAs that do not affect the security of Qubes OS (no user action required) 22 | -------------------------------------------------------------------------- 23 | 24 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 25 | 26 | - XSA-370 (Qubes OS does not support 32-bit PV guests. In Qubes 4.0, PV guests cannot switch from 32-bit to 64-bit on their own, and we ship only 64-bit kernels. In Qubes 4.1, 32-bit PV is disabled at build time.) 27 | 28 | 29 | Related links 30 | ------------- 31 | 32 | - [XSA list (on xen.org)](https://xenbits.xen.org/xsa/) 33 | - [Qubes XSA Tracker](/security/xsa/) 34 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 35 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 36 | 37 | -------------------------------------------------------------------------------- /2021-02-17-xsas-released-on-2021-02-16.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-02-16" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project released one or more new Xen Security Advisories (XSAs) on 2021-02-16. 9 | The security of Qubes OS **is affected** by one or more of these XSAs. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-365 19 | 20 | Please see [QSB-064](/news/2021/02/17/qsb-064/) for the actions users must take in order to protect themselves, as well as further details about these XSAs. 21 | 22 | 23 | XSAs that do not affect the security of Qubes OS (no user action required) 24 | -------------------------------------------------------------------------- 25 | 26 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 27 | 28 | - XSA-361 (DoS-only) 29 | - XSA-362 (DoS-only) 30 | - XSA-363 (DoS-only) 31 | - XSA-364 (ARM-only) 32 | 33 | 34 | Related links 35 | ------------- 36 | 37 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 38 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 39 | - [XSA Tracker](/security/xsa/) 40 | 41 | -------------------------------------------------------------------------------- /2022-03-10-xsas-released-on-2022-03-08.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-03-08" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-398 19 | 20 | Please see **QSB-077** for the actions users must take in order to 21 | protect themselves, as well as further details about these XSAs: 22 | 23 | 24 | 25 | 26 | XSAs that do not affect the security of Qubes OS (no user action required) 27 | -------------------------------------------------------------------------- 28 | 29 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 30 | 31 | - (None) 32 | 33 | 34 | Related links 35 | ------------- 36 | 37 | - Xen XSA list: 38 | - Qubes XSA tracker: 39 | - Qubes security pack (qubes-secpack): 40 | - Qubes security bulletins (QSBs): 41 | -------------------------------------------------------------------------------- /2022-03-10-xsas-released-on-2022-03-10.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-03-10" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-396 19 | 20 | Please see **QSB-078** for the actions users must take in order to 21 | protect themselves, as well as further details about these XSAs: 22 | 23 | 24 | 25 | 26 | XSAs that do not affect the security of Qubes OS (no user action required) 27 | -------------------------------------------------------------------------- 28 | 29 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 30 | 31 | - (None) 32 | 33 | 34 | Related links 35 | ------------- 36 | 37 | - Xen XSA list: 38 | - Qubes XSA tracker: 39 | - Qubes security pack (qubes-secpack): 40 | - Qubes security bulletins (QSBs): 41 | -------------------------------------------------------------------------------- /2022-06-17-xsas-released-on-2022-06-14.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-06-14" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-404 19 | 20 | Please see **QSB-081** for the actions users must take in order to 21 | protect themselves, as well as further details about these XSAs: 22 | 23 | 24 | 25 | 26 | XSAs that do not affect the security of Qubes OS (no user action required) 27 | -------------------------------------------------------------------------- 28 | 29 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 30 | 31 | - (none) 32 | 33 | 34 | Related links 35 | ------------- 36 | 37 | - Xen XSA list: 38 | - Qubes XSA tracker: 39 | - Qubes security pack (qubes-secpack): 40 | - Qubes security bulletins (QSBs): 41 | -------------------------------------------------------------------------------- /2022-07-13-xsas-released-on-2022-07-12.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-07-12" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-407 19 | 20 | Please see **QSB-083** for the actions users must take in order to 21 | protect themselves, as well as further details about these XSAs: 22 | 23 | 24 | 25 | 26 | XSAs that do not affect the security of Qubes OS (no user action required) 27 | -------------------------------------------------------------------------- 28 | 29 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 30 | 31 | - (none) 32 | 33 | 34 | Related links 35 | ------------- 36 | 37 | - Xen XSA list: 38 | - Qubes XSA tracker: 39 | - Qubes security pack (qubes-secpack): 40 | - Qubes security bulletins (QSBs): 41 | -------------------------------------------------------------------------------- /2021-06-08-xsas-released-on-2021-06-08.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-06-08" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more new Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected** by one or more of these XSAs. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-373 19 | - XSA-374 20 | - XSA-375 21 | - XSA-377 22 | 23 | Please see [QSB-069](/news/2021/06/08/qsb-069/) for the actions users must take in order to protect themselves, as well as further details about these XSAs. 24 | 25 | 26 | XSAs that do not affect the security of Qubes OS (no user action required) 27 | -------------------------------------------------------------------------- 28 | 29 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 30 | 31 | - XSA-372 (affects only Arm systems) 32 | 33 | 34 | Related links 35 | ------------- 36 | 37 | - [XSA list (on xen.org)](https://xenbits.xen.org/xsa/) 38 | - [Qubes XSA Tracker](/security/xsa/) 39 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 40 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 41 | 42 | -------------------------------------------------------------------------------- /2022-06-09-xsas-released-on-2022-06-09.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-06-09" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-401 19 | - XSA-402 20 | 21 | Please see **QSB-080** for the actions users must take in order to 22 | protect themselves, as well as further details about these XSAs: 23 | 24 | 25 | 26 | 27 | XSAs that do not affect the security of Qubes OS (no user action required) 28 | -------------------------------------------------------------------------- 29 | 30 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 31 | 32 | - (none) 33 | 34 | 35 | Related links 36 | ------------- 37 | 38 | - Xen XSA list: 39 | - Qubes XSA tracker: 40 | - Qubes security pack (qubes-secpack): 41 | - Qubes security bulletins (QSBs): 42 | -------------------------------------------------------------------------------- /2022-07-05-xsas-released-on-2022-07-05.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-07-05" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-403 19 | - XSA-405 20 | 21 | Please see **QSB-082** for the actions users must take in order to 22 | protect themselves, as well as further details about these XSAs: 23 | 24 | 25 | 26 | 27 | XSAs that do not affect the security of Qubes OS (no user action required) 28 | -------------------------------------------------------------------------- 29 | 30 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 31 | 32 | - XSA-406 (ARM architecture only) 33 | 34 | 35 | Related links 36 | ------------- 37 | 38 | - Xen XSA list: 39 | - Qubes XSA tracker: 40 | - Qubes security pack (qubes-secpack): 41 | - Qubes security bulletins (QSBs): 42 | -------------------------------------------------------------------------------- /2022-04-05-xsas-released-on-2022-04-05.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-04-05" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-399 19 | - XSA-400 20 | 21 | Please see **QSB-079** for the actions users must take in order to 22 | protect themselves, as well as further details about these XSAs: 23 | 24 | 25 | 26 | 27 | XSAs that do not affect the security of Qubes OS (no user action required) 28 | -------------------------------------------------------------------------- 29 | 30 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 31 | 32 | - XSA-397 (denial of service only) 33 | 34 | 35 | Related links 36 | ------------- 37 | 38 | - Xen XSA list: 39 | - Qubes XSA tracker: 40 | - Qubes security pack (qubes-secpack): 41 | - Qubes security bulletins (QSBs): 42 | -------------------------------------------------------------------------------- /2025-07-08-qubes-os-summit-2025-call-for-sponsors.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2025: Call for sponsors" 4 | categories: announcements 5 | author: The 3mdeb and Qubes teams 6 | --- 7 | 8 | The Qubes OS Project and [3mdeb](https://3mdeb.com/) are excited to announce the upcoming [Qubes OS Summit 2025](https://events.dasharo.com/event/2/qubes-os-summit-2025)! This event will be an incredible opportunity for the community to come together, share knowledge, and discuss the future of secure computing. 9 | 10 | **Event Details:** 11 | - **Date:** Fri, Sep 26, 2025 10:00 AM -- Sun, Sep 28, 2025 3:00 PM GMT+2 12 | - **Location:** The Social Hub Berlin (Alexanderstraße 40, Berlin, 10179, DE) 13 | - **Format:** In-person event with online participation option featuring talks, workshops, and networking opportunities 14 | 15 | To make this summit a success, we're seeking sponsors who are interested in supporting our mission and engaging with our vibrant community. Sponsorship offers a unique chance to showcase your commitment to security and privacy while gaining visibility among a diverse audience of developers, researchers, and enthusiasts. 16 | 17 | For detailed information about sponsorship opportunities, please refer to our [Qubes OS Summit 2025 Sponsorship Prospectus](https://dl.3mdeb.com/dasharo/qoss/2025/qubes_os_summit_2025_prospectus.pdf). 18 | 19 | We look forward to your support in making Qubes OS Summit 2025 a remarkable event! 20 | -------------------------------------------------------------------------------- /2021-11-14-whonix-15-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Whonix 15 has reached EOL" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | Whonix 15 has reached EOL (end-of-life). If you have not already done 9 | so, we strongly recommend upgrading your Whonix 15 templates and 10 | standalones to [Whonix 16] immediately. The Whonix Project provides 11 | fresh Whonix 16 template packages through the Qubes community template 12 | repositories, which you can install in dom0 by following the standard 13 | [installation instructions]. Alternatively, the Whonix Project also 14 | provides step-by-step instructions for [performing an in-place upgrade] 15 | of an existing Whonix 15 template. After upgrading your templates, 16 | please remember to [switch all qubes that were using the old template 17 | to use the new one][switching]. 18 | 19 | For a complete list of template releases supported for your specific 20 | Qubes release, please see our [supported template releases]. 21 | 22 | 23 | [Whonix 16]: /news/2021/09/30/whonix-16-template-available/ 24 | [installation instructions]: https://www.whonix.org/wiki/Qubes/Install 25 | [performing an in-place upgrade]: https://www.whonix.org/wiki/Release_Upgrade_Whonix_15_to_Whonix_16 26 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 27 | [supported template releases]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 28 | -------------------------------------------------------------------------------- /2022-01-25-xsas-released-on-2022-01-25.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2022-01-25" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-395 19 | 20 | Please see **QSB-075** for the actions users must take in order to 21 | protect themselves, as well as further details about these XSAs: 22 | 23 | 24 | 25 | 26 | XSAs that do not affect the security of Qubes OS (no user action required) 27 | -------------------------------------------------------------------------- 28 | 29 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 30 | 31 | - XSA-393 (ARM architectures only) 32 | - XSA-394 (denial-of-service only) 33 | 34 | 35 | Related links 36 | ------------- 37 | 38 | - Xen XSA list: 39 | - Qubes XSA tracker: 40 | - Qubes security pack (qubes-secpack): 41 | - Qubes security bulletins (QSBs): 42 | -------------------------------------------------------------------------------- /2023-12-22-whonix-16-approaching-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Whonix 16 approaching EOL" 4 | categories: announcements 5 | --- 6 | 7 | Whonix 16 is currently [scheduled](https://www.whonix.org/wiki/About#Qubes_Hosts) to reach EOL (end-of-life) on 2024-01-18. We strongly recommend that all Whonix users upgrade to Whonix 17 before then. For more information, see [Upgrading to avoid EOL](https://doc.qubes-os.org/en/latest/user/how-to-guides/how-to-update.html#upgrading-to-avoid-eol). Please note that Whonix 17 is available only on Qubes OS 4.2. 8 | 9 | There are three ways to upgrade to Whonix 17: 10 | 11 | - **Recommended:** Perform a [clean installation](/doc/installation-guide/) of [Qubes OS 4.2.0](/news/2023/12/18/qubes-os-4-2-0-has-been-released/), which comes with Whonix 17 templates preinstalled (if selected during installation). 12 | 13 | - **Recommended:** [Install fresh Whonix templates to replace the existing ones.](https://www.whonix.org/wiki/Qubes/Install) After you install the new templates, redo all desired template modifications and [switch everything that was set to the old templates to the new templates](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). 14 | 15 | - **Advanced:** Perform an [in-place upgrade from Whonix 16 to Whonix 17](https://www.whonix.org/wiki/Release_Upgrade_16_to_17). This option will preserve any modifications you've made to the templates, **but it may be more complicated for less experienced users.** 16 | -------------------------------------------------------------------------------- /2017-06-05-qubes-donation-update.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: Qubes OS Donation Update 4 | date: 2017-06-05 5 | categories: announcements 6 | --- 7 | 8 | Thank you to everyone who has [donated][donations] to the Qubes OS Project! 9 | As many of you know, there are two ways to donate: through our [Bitcoin fund] 10 | and through [Open Collective]. Some of you may have noticed that we 11 | haven't spent any of the funds donated through Open Collective yet. This 12 | is because we've been waiting until there are sufficient funds to pay a 13 | developer to work specifically on Qubes tasks. We've now reached that 14 | point! Soon, we'll begin making our first series of payments. We'll be 15 | filing these expenses through Open Collective so that the process is 16 | completely transparent. Meanwhile, we've already begun using some of the 17 | Bitcoin funds to pay developers to work on Qubes, and we'll be increasing 18 | this even more in the near future. 19 | 20 | While we're extremely grateful for all the donations we've received, 21 | it's worth noting that they cover just a fraction of what it costs to pay 22 | the Qubes developers each year. If you'd like to start [supporting][donations] 23 | the development of Qubes, or continue to do so, there's no better time than 24 | now! 25 | 26 | Thank you, 27 | The Qubes OS Team 28 | 29 | [donations]: /donate/ 30 | [Open Collective]: https://opencollective.com/qubes-os 31 | [Bitcoin fund]: /news/2016/07/13/qubes-distributed-fund/ 32 | 33 | -------------------------------------------------------------------------------- /2024-09-22-qubes-os-summit-2024-has-concluded-videos-now-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2024 has concluded; videos now available" 4 | categories: 5 | - announcements 6 | - talks 7 | --- 8 | 9 | Thank you to everyone who attended this year's [Qubes OS Summit](https://vpub.dasharo.com/e/16/qubes-os-summit-2024/), both physically and virtually, and a special thanks to [3mdeb](https://3mdeb.com/) for their tireless efforts in organizing Qubes OS Summits over the years! 10 | 11 | If you missed the summit, or if you'd like to review any of the presentations, video recordings from this year's summit are now available! 12 | 13 | ## Qubes OS Summit 2024: Day 1 14 | 15 | 16 | 17 | ## Qubes OS Summit 2024: Day 2 18 | 19 | 20 | -------------------------------------------------------------------------------- /2025-05-20-qubes-certified-novacustom-v54-v56-now-available-with-heads.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes-certified NovaCustom V54 and V56 Series laptops now available with Heads firmware" 4 | categories: announcements 5 | author: The NovaCustom and Qubes teams 6 | --- 7 | 8 | We're pleased to announce that the [NovaCustom](https://novacustom.com/) [V54 Series](/doc/certified-hardware/novacustom-v54-series/) and [V56 Series](/doc/certified-hardware/novacustom-v56-series/) laptops, both of which are already [officially certified](/doc/certified-hardware/) for Qubes OS 4, are now available with [Heads](https://osresearch.net/), which is a new Qubes-certified firmware option for these models. 9 | 10 | When you configure your [V54 Series](https://novacustom.com/product/v54-series/) or [V56 Series](https://novacustom.com/product/v56-series/) laptop on the NovaCustom website, you can now choose Heads by selecting the firmware option labeled, "Yes - deploy coreboot+Heads (instead of coreboot+EDK-II)." Current owners of these models can also upgrade to Heads with the [Dasharo Pro Package](https://novacustom.com/product/dasharo-pro-package/). 11 | 12 | Heads firmware enhances security by establishing a strong chain of trust, using the hardware TPM to protect against firmware manipulation, ensure boot verification, and support USB security device functionality during startup. However, if you'd prefer not to use Heads for any reason, the original coreboot+EDK-II firmware option remains certified. 13 | -------------------------------------------------------------------------------- /2021-09-30-whonix-16-template-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Whonix 16 template available" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | The [Whonix Project] has announced the release of [Whonix 16]. For a list of 9 | changes and further details, please see the [official announcement][Whonix 16]. 10 | 11 | Please note that, according to the [Whonix support schedule], Whonix 15 will 12 | reach end-of-life (EOL) in one month. This coincides with the end date for 13 | Whonix 15 template support in Qubes according to the [Whonix Project's support 14 | policy for Whonix templates in Qubes]. Therefore, all Whonix users are urged to 15 | upgrade from Whonix 15 to Whonix 16 within the next month. 16 | 17 | The Whonix Project provides instructions for [installing fresh Whonix 16 18 | templates] as well as instructions for [performing an in-place upgrade from 19 | Whonix 15 to Whonix 16]. 20 | 21 | [Whonix Project]: https://www.whonix.org/ 22 | [Whonix 16]: https://forums.whonix.org/t/12465 23 | [Whonix support schedule]: https://www.whonix.org/wiki/About#Support_Schedule 24 | [Whonix Project's support policy for Whonix templates in Qubes]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-whonix-support 25 | [installing fresh Whonix 16 templates]: https://www.whonix.org/wiki/Qubes/Install 26 | [performing an in-place upgrade from Whonix 15 to Whonix 16]: https://www.whonix.org/wiki/Release_Upgrade_Whonix_15_to_Whonix_16 27 | -------------------------------------------------------------------------------- /2019-03-24-tor-onion-services-no-longer-maintained.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes Tor onion services will no longer be maintained" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | Update (2019-03-25) 9 | ------------------- 10 | 11 | [Unman] has generously agreed to bring the Qubes Tor onion services 12 | back and maintain them. He has considerable experience in hosting and 13 | infrastructure management, including running onion services. He is 14 | working on it now. We'll have another update for you soon. Thank you, 15 | unman! 16 | 17 | Original announcement 18 | --------------------- 19 | 20 | We regret to announce that the Qubes Tor onion services will no longer 21 | be maintained due to lack of resources. This includes all Qubes onion 22 | services, including the Qubes website onion mirror and the onion package 23 | repos. 24 | 25 | We would like to thank the Whonix Project for generously maintaining 26 | these services [for over a year][orig-onion-ann]. Maintaining the Tor 27 | onion services requires labor, servers, and bandwidth. Unfortunately, 28 | none of these resources are available to the Qubes OS or Whonix projects 29 | in sufficient quantities to allow us to continue offering these 30 | services. 31 | 32 | We recommend that users who currently rely on any Qubes onion addresses 33 | transition to the corresponding clearnet addresses immediately. 34 | 35 | 36 | [Unman]: /team/#unman 37 | [orig-onion-ann]: /news/2018/01/23/qubes-whonix-next-gen-tor-onion-services/ 38 | 39 | -------------------------------------------------------------------------------- /2021-11-24-xsas-released-on-2021-11-23.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-11-23" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected**. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-388 19 | - XSA-389 20 | 21 | Please see **QSB-074** for the actions users must take in order to 22 | protect themselves, as well as further details about these XSAs: 23 | 24 | 25 | 26 | 27 | XSAs that do not affect the security of Qubes OS (no user action required) 28 | -------------------------------------------------------------------------- 29 | 30 | The following XSAs **do not affect** the security of Qubes OS, and no 31 | user action is necessary: 32 | 33 | - XSA-385 (DoS only; Qubes has BIGMEM disabled) 34 | - XSA-387 (Qubes has grant tables v2 disabled) 35 | 36 | 37 | Related links 38 | ------------- 39 | 40 | - Xen XSA list: 41 | - Qubes XSA tracker: 42 | - Qubes security pack (qubes-secpack): 43 | - Qubes security bulletins (QSBs): 44 | 45 | -------------------------------------------------------------------------------- /2023-03-03-fedora-37-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 37 templates available" 4 | categories: announcements 5 | --- 6 | 7 | New Fedora 37 templates are now available! We provide fresh Fedora 37 template packages through the official Qubes repositories, which you can install in dom0 by following the standard [installation instructions](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing). Alternatively, we also provide step-by-step instructions for [performing an in-place upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora-upgrade.html) of an existing Fedora template. After upgrading your templates, please remember to [switch all qubes that were using the old template to use the new one](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). 8 | 9 | As a reminder, [Fedora 35 has reached EOL](/news/2022/12/08/fedora-35-reaches-eol-on-2022-12-13/). If you have not already done so, we strongly recommend that you [upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading) all Fedora 35 10 | templates and standalones to a [supported template release](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates) immediately. 11 | 12 | Please note that no user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 13 | -------------------------------------------------------------------------------- /2017-03-21-xsa-tracker.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Xen Security Advisory (XSA) Tracker" 4 | date: 2017-03-21 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | We're pleased to announce the new [Xen Security Advisory (XSA) Tracker][Tracker]. 10 | This tracker clearly shows whether the security of Qubes OS is (or was) affected by any given [XSA] in a simple "Yes" or "No" format. 11 | Since Qubes OS uses Xen for virtualization, we know that many of our users follow new XSA announcements. 12 | However, we also understand that most of our users aren't Xen experts and may not be able to easily determine whether an XSA affects the security of Qubes. 13 | We know that this uncertainty can be unsettling, so our aim with the XSA Tracker is to remove any doubt by communicating this information clearly and directly to users, as we already do with [Qubes Security Bulletins (QSBs)][QSB]. 14 | 15 | It's worth noting that Qubes has typically not been affected by new XSAs. 16 | At present, it has been over six years since the first XSA was published on March 14, 2011. 17 | Since that time, 203 XSAs have been published (excluding unused XSA numbers and currently embargoed XSAs). 18 | However, only 17 (8.37%) of these XSAs have affected the security of Qubes OS. 19 | These [Statistics] will continue to be updated on the [Tracker] page as new XSAs are published. 20 | 21 | 22 | [Tracker]: /security/xsa/ 23 | [XSA]: https://xenbits.xen.org/xsa/ 24 | [QSB]: /security/qsb/ 25 | [Statistics]: /security/xsa/#statistics 26 | 27 | -------------------------------------------------------------------------------- /2019-05-30-fedora-30-template-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 30 TemplateVM available" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | A new Fedora 30 TemplateVM is now available. We 9 | previously announced that [Fedora 28 reached EOL] and encouraged users 10 | to upgrade to Fedora 29. Fedora 29 is still supported by the Fedora 11 | Project, so users may now choose either Fedora 29 or 30 (or both) 12 | depending on their needs and preferences. Instructions are available 13 | for [upgrading from Fedora 29 to 30]. We also provide fresh Fedora 30 14 | TemplateVM packages through the official Qubes repositories, which you 15 | can get with the following commands (in dom0). 16 | 17 | Standard Fedora 30 TemplateVM: 18 | 19 | $ sudo qubes-dom0-update qubes-template-fedora-30 20 | 21 | [Minimal] Fedora 30 TemplateVM: 22 | 23 | $ sudo qubes-dom0-update qubes-template-fedora-30-minimal 24 | 25 | After upgrading to a Fedora 30 TemplateVM, please remember to set all 26 | qubes that were using the old template to use the new one. This can be 27 | done in dom0 either with the [Qubes Template Manager] or with the 28 | [`qvm-prefs`] command-line tool. 29 | 30 | 31 | [Fedora 28 reached EOL]: /news/2019/05/29/fedora-28-eol/ 32 | [upgrading from Fedora 29 to 30]: /doc/template/fedora/upgrade-29-to-30/ 33 | [Minimal]: /doc/templates/fedora-minimal/ 34 | [Qubes Template Manager]: /doc/templates/ 35 | [`qvm-prefs`]: https://dev.qubes-os.org/projects/core-admin-client/en/latest/manpages/qvm-prefs.html 36 | -------------------------------------------------------------------------------- /2024-12-07-fedora-41-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 41 templates available" 4 | categories: announcements 5 | --- 6 | 7 | New Fedora 41 templates are now available for Qubes OS 4.2 in standard, [minimal](/doc/templates/minimal/), and [Xfce](/doc/templates/xfce/) varieties. There are two ways to upgrade a template to a new Fedora release: 8 | 9 | - **Recommended:** [Install a fresh template to replace an existing one.](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing) **This option may be simpler for less experienced users.** After you install the new template, redo all desired template modifications and [switch everything that was set to the old template to the new template](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). You may want to write down the modifications you make to your templates so that you remember what to redo on each fresh install. To see a log of package manager actions, open a terminal in the old Fedora template and use the `dnf history` command. 10 | 11 | - **Advanced:** [Perform an in-place upgrade of an existing Fedora template.](/doc/templates/fedora/in-place-upgrade/) This option will preserve any modifications you've made to the template, **but it may be more complicated for less experienced users.** 12 | 13 | **Note:** No user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 14 | -------------------------------------------------------------------------------- /2021-08-25-xsas-released-on-2021-08-25.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2021-08-25" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project has released one or more Xen Security Advisories (XSAs). 9 | The security of Qubes OS **is affected** by one or more of these XSAs. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-378 19 | - XSA-379 20 | - XSA-382 21 | 22 | Please see **QSB-070** for the actions users must take in order to 23 | protect themselves, as well as further details about these XSAs: 24 | 25 | 26 | 27 | 28 | XSAs that do not affect the security of Qubes OS (no user action required) 29 | -------------------------------------------------------------------------- 30 | 31 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 32 | 33 | - XSA-380 (denial of service only) 34 | - XSA-383 (affects only Arm systems) 35 | 36 | 37 | Related links 38 | ------------- 39 | 40 | - Xen Project XSA list: 41 | - Qubes XSA tracker: 42 | - Qubes security pack (qubes-secpack): 43 | - Qubes security bulletins (QSBs): 44 | 45 | -------------------------------------------------------------------------------- /2025-09-30-qubes-os-summit-2025-videos-and-slides.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Summit 2025: videos and slides" 4 | categories: 5 | - announcements 6 | - talks 7 | --- 8 | 9 | [Qubes OS Summit 2025](https://events.dasharo.com/event/2/qubes-os-summit-2025) has concluded! Thank you to our sponsors, presenters, attendees, and organizers for making this year's summit a success! If you missed the summit, or if you'd like to review any of the presentations, live stream recordings from this year's summit are available below. Presentation descriptions and slides are available on the [Qubes OS Summit 2025 Schedule](https://cfp.3mdeb.com/qubes-os-summit-2025/schedule/). 10 | 11 | ## Qubes OS Summit 2025: Day 1 playlist 12 | 13 | 14 | 15 | ## Qubes OS Summit 2025: Day 2 playlist 16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /2024-02-05-whonix-17-templates-available-for-qubes-os-4-1.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Whonix 17 templates available for Qubes OS 4.1" 4 | categories: announcements 5 | author: The Whonix and Qubes teams 6 | --- 7 | 8 | Until now, Whonix 17 has been available only on Qubes OS 4.2. Since [Whonix 16 reached EOL (end-of-life) on 2024-01-18](/news/2023/12/22/whonix-16-approaching-eol/), this left users still on Qubes OS 4.1 without a supported way to use Whonix. In an effort to accommodate this group of users, the Whonix and Qubes teams have now made Whonix 17 available for Qubes OS 4.1. 9 | 10 | There are two ways to upgrade to Whonix 17 on Qubes OS 4.1: 11 | 12 | - **Recommended:** [Install fresh Whonix templates to replace the existing ones.](https://www.whonix.org/wiki/Qubes/Install) After you install the new templates, redo all desired template modifications and [switch everything that was set to the old templates to the new templates](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). 13 | 14 | - **Advanced:** Perform an [in-place upgrade from Whonix 16 to Whonix 17](https://www.whonix.org/wiki/Release_Upgrade_16_to_17). This option will preserve any modifications you've made to the templates, **but it may be more complicated for less experienced users.** 15 | 16 | If you wish, you also still have the option of performing a [clean installation](/doc/installation-guide/) of [Qubes OS 4.2.0](/news/2023/12/18/qubes-os-4-2-0-has-been-released/), which comes with Whonix 17 templates preinstalled (if selected during installation). 17 | -------------------------------------------------------------------------------- /2024-08-01-extended-security-support-for-qubes-os-4-1-has-ended.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Extended security support for Qubes OS 4.1 has ended" 4 | categories: 5 | - announcements 6 | - releases 7 | --- 8 | 9 | As [previously announced](/news/2024/06/18/qubes-os-4-1-has-reached-end-of-life-extended-security-support-continues-until-2024-07-31/), extended security support for Qubes OS 4.1 has ended as of yesterday, 2024-07-31. Qubes 4.1 will no longer receive updates of any kind, including security updates. We strongly recommend that any remaining Qubes 4.1 users [upgrade to Qubes 4.2](/doc/upgrade/4.2/) immediately. 10 | 11 | ## Recommended actions 12 | 13 | If you're already using Qubes 4.2, then you don't have to do anything. This announcement doesn't affect you. 14 | 15 | If you're still using Qubes 4.1, then you should upgrade to Qubes 4.2 immediately. There are two ways to do this: 16 | 17 | 1. Perform a [clean reinstallation](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/upgrade/4_2.html#clean-installation) using the latest stable [Qubes OS 4.2.2 ISO](/downloads/). 18 | 2. Perform an [in-place upgrade to Qubes 4.2](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/upgrade/4_2.html#in-place-upgrade). 19 | 20 | Both of these options are covered in further detail in the [Qubes 4.1 to 4.2 upgrade guide](/doc/upgrade/4.2/). In either case, we strongly recommend [making a full backup](/doc/how-to-back-up-restore-and-migrate/) beforehand. If you need help, please consult our [help and support](/support/) page. 21 | -------------------------------------------------------------------------------- /2022-08-04-qubes-4-0-has-reached-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 4.0 has reached EOL" 4 | categories: 5 | - announcements 6 | - releases 7 | author: Andrew David Wong 8 | --- 9 | 10 | As [previously announced](/news/2022/07/04/qubes-os-4-0-eol-on-2022-08-04/), all releases in the Qubes 4.0 series (which includes the most recent 4.0.4 patch release) have officially reached EOL (end-of-life) as of today, 2022-08-04. We strongly urge all remaining Qubes 4.0 users to [upgrade to Qubes 4.1](/doc/upgrade/4.1/) immediately. As always, the support statuses of all Qubes OS and template releases are available on the [supported releases](/doc/supported-releases/) page, and the latest release is available to download on the [downloads](/downloads/) page. 11 | 12 | 13 | ## What should I do? 14 | 15 | If you're already using Qubes 4.1, then no action is required on your part. This announcement concerns only the 4.0 minor release series. 16 | 17 | If you're still using Qubes 4.0 (including the most recent 4.0.4 patch release), then you should upgrade to 4.1 immediately. You have two options: 18 | 19 | - Perform a clean reinstallation using the latest stable [Qubes 4.1.1 ISO](/downloads/), which was [published on 2022-07-18](/news/2022/07/18/qubes-4-1-1/). 20 | - Perform an [in-place upgrade](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/upgrade/4_1.html#in-place-upgrade) to 4.1. 21 | 22 | Both of these options are covered in further detail in the [Qubes 4.0 to 4.1 upgrade guide](/doc/upgrade/4.1/). If you need help, please consult our [help and support](/support/) page. 23 | -------------------------------------------------------------------------------- /2019-09-18-qubes-presentations-at-platform-security-summit-2019.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Upcoming Qubes presentations at Platform Security Summit 2019" 4 | categories: talks 5 | author: Andrew David Wong 6 | --- 7 | 8 | There will be two separate Qubes presentations at this year's [Platform Security Summit][pss]. 9 | 10 | [Marek Marczykowski-Górecki]'s presentation in the Hypervisor category is titled, ["Complexity Everywhere: is it time to step back and rethink our platforms?"][pss-marek] 11 | 12 | Meanwhile, [Thierry Laurion] of [Insurgo Open Technologies] will give a presentation in the Boot Integrity category titled, ["Accessible Security: deploying Qubes reasonably secured OS on slightly more secured hardware. An OEM approach to transferring device and secrets ownership."][pss-thierry] 13 | 14 | We recently announced that [Insurgo's PrivacyBeast X230 passed Qubes 4.0 hardware certification][x230] to become a [Qubes-certified Laptop]. 15 | 16 | The summit will take place October 1--3 in Redmond, Washington. 17 | 18 | 19 | [pss]: https://www.platformsecuritysummit.com/ 20 | [Marek Marczykowski-Górecki]: /team/#marek-marczykowski-górecki 21 | [pss-marek]: https://www.platformsecuritysummit.com/#marek 22 | [Thierry Laurion]: https://www.linkedin.com/in/thierry-laurion-40b4128/ 23 | [Insurgo Open Technologies]: https://insurgo.ca/ 24 | [pss-thierry]: https://www.platformsecuritysummit.com/#laurion 25 | [x230]: /news/2019/07/18/insurgo-privacybeast-qubes-certification/ 26 | [Qubes-certified Laptop]: https://doc.qubes-os.org/en/latest/user/hardware/certified-hardware/certified-hardware.html#qubes-certified-computers 27 | -------------------------------------------------------------------------------- /2020-06-30-fedora-32-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 32 TemplateVMs available" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | New Fedora 32 TemplateVMs are now available for both Qubes 4.0 and 4.1. 9 | 10 | **Important:** If you wish to use the Qubes Update widget to update a 11 | Fedora 32 template, you must first [switch][switching] the 12 | `default-mgmt-dvm` qube to a Fedora 32 template. (Alternatively, you 13 | can create a separate management DisposableVM Template based on a 14 | Fedora 32 template for the purpose of updating Fedora 32 templates.) 15 | This does not affect updating internally using `dnf`. 16 | 17 | Instructions are available for [upgrading Fedora TemplateVMs]. We also 18 | provide fresh Fedora 32 TemplateVM packages through the official Qubes 19 | repositories, which you can get with the following commands (in dom0). 20 | 21 | [Standard][Fedora] Fedora 32 TemplateVM: 22 | 23 | $ sudo qubes-dom0-update qubes-template-fedora-32 24 | 25 | [Minimal] Fedora 32 TemplateVM: 26 | 27 | $ sudo qubes-dom0-update qubes-template-fedora-32-minimal 28 | 29 | After installing or upgrading a TemplateVM, please remember to [update] 30 | (see important note above) and [switch all qubes that were using the 31 | old template to use the new one][switching]. 32 | 33 | 34 | [upgrading Fedora TemplateVMs]: /doc/templates/fedora/in-place-upgrade/ 35 | [Fedora]: /doc/templates/fedora/ 36 | [Minimal]: /doc/templates/minimal/ 37 | [update]: /doc/how-to-install-software/ 38 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 39 | -------------------------------------------------------------------------------- /2019-01-07-fedora-29-template-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 29 TemplateVM available for Qubes 4.0" 4 | date: 2019-01-07 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | A new Fedora 29 TemplateVM is now available for Qubes 4.0. We 10 | previously announced that [Fedora 27 reached EOL] and encouraged users 11 | to upgrade to Fedora 28. Fedora 28 is still supported by the Fedora 12 | Project, so users may now choose either Fedora 28 or 29 (or both) 13 | depending on their needs and preferences. Instructions are available 14 | for [upgrading from Fedora 28 to 29]. We also provide fresh Fedora 29 15 | TemplateVM packages through the official Qubes repositories, which you 16 | can get with the following commands (in dom0). 17 | 18 | Standard Fedora 29 TemplateVM: 19 | 20 | $ sudo qubes-dom0-update qubes-template-fedora-29 21 | 22 | [Minimal] Fedora 29 TemplateVM: 23 | 24 | $ sudo qubes-dom0-update qubes-template-fedora-29-minimal 25 | 26 | After upgrading to a Fedora 29 TemplateVM, please remember to set all 27 | qubes that were using the old template to use the new one. This can be 28 | done in dom0 either with the [Qubes Template Manager] or with the 29 | [`qvm-prefs`] command-line tool. 30 | 31 | 32 | [Fedora 27 reached EOL]: /news/2018/11/30/fedora-27-eol/ 33 | [upgrading from Fedora 28 to 29]: /doc/template/fedora/upgrade-28-to-29/ 34 | [Minimal]: /doc/templates/fedora-minimal/ 35 | [Qubes Template Manager]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 36 | [`qvm-prefs`]: https://dev.qubes-os.org/projects/core-admin-client/en/latest/manpages/qvm-prefs.html 37 | -------------------------------------------------------------------------------- /2020-12-16-xsas-released-on-2020-12-15.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2020-12-15" 4 | categories: security 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Xen Project released new Xen Security Advisories (XSAs) on 2020-12-15. 9 | The security of Qubes OS **is affected** by at least one of these XSAs. 10 | Therefore, **user action is required**. 11 | 12 | 13 | XSAs that affect the security of Qubes OS (user action required) 14 | ---------------------------------------------------------------- 15 | 16 | The following XSAs **do affect** the security of Qubes OS: 17 | 18 | - XSA-115 19 | - XSA-325 20 | - XSA-350 21 | 22 | Please see [QSB-063](/news/2020/12/16/qsb-063/) for the actions users must take in order to protect themselves, as well as further details about these XSAs. 23 | 24 | 25 | XSAs that do not affect the security of Qubes OS (no user action required) 26 | -------------------------------------------------------------------------- 27 | 28 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 29 | 30 | - XSA-322 (domid reuse impractical in Qubes case) 31 | - XSA-323 (no oxenstored) 32 | - XSA-324 (DoS only) 33 | - XSA-330 (DoS only) 34 | - XSA-348 (DoS only) 35 | - XSA-349 (DoS only) 36 | - XSA-352 (no oxenstored) 37 | - XSA-353 (no oxenstored) 38 | - XSA-354 (DoS only) 39 | - XSA-356 (DoS only) 40 | - XSA-358 (DoS only) 41 | - XSA-359 (DoS only) 42 | 43 | 44 | Related links 45 | ------------- 46 | 47 | - [Qubes Security Pack (qubes-secpack)](/security/pack/) 48 | - [Qubes Security Bulletins (QSBs)](/security/qsb/) 49 | - [XSA Tracker](/security/xsa/) 50 | 51 | -------------------------------------------------------------------------------- /2020-11-24-fedora-31-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 31 has reached EOL" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | Fedora 31 has reached EOL ([end-of-life]). If you have not already done so, we strongly recommend upgrading your Fedora 31 TemplateVMs and StandaloneVMs to Fedora 32 immediately. We provide step-by-step upgrade instructions for [upgrading Fedora TemplateVMs]. For a complete list of TemplateVM versions supported for your specific version of Qubes, see the list of [supported TemplateVM versions]. 9 | 10 | We also provide a fresh Fedora 32 TemplateVM package through the official Qubes repositories, which you can install in dom0 by following the standard [installation instructions]. 11 | 12 | After upgrading your TemplateVMs, please remember to [switch all qubes that were using the old template to use the new one][switching]. 13 | 14 | Please note that no user action is required regarding the OS version in dom0. For details, please see our [note on dom0 and EOL]. 15 | 16 | 17 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 18 | [upgrading Fedora TemplateVMs]: /doc/templates/fedora/in-place-upgrade/ 19 | [supported TemplateVM versions]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 20 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 21 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 22 | [note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 23 | -------------------------------------------------------------------------------- /2024-06-12-fedora-40-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 40 templates available" 4 | categories: announcements 5 | --- 6 | 7 | New Fedora 40 templates are now available for Qubes OS 4.2 in standard, [minimal](/doc/templates/minimal/), and [Xfce](/doc/templates/xfce/) varieties. There are two ways to upgrade a template to a new Fedora release: 8 | 9 | - **Recommended:** [Install a fresh template to replace an existing one.](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing) **This option may be simpler for less experienced users.** After you install the new template, redo all desired template modifications and [switch everything that was set to the old template to the new template](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). You may want to write down the modifications you make to your templates so that you remember what to redo on each fresh install. To see a log of package manager actions, open a terminal in the old Fedora template and use the `dnf history` command. 10 | 11 | - **Advanced:** [Perform an in-place upgrade of an existing Fedora template.](/doc/templates/fedora/in-place-upgrade/) This option will preserve any modifications you've made to the template, **but it may be more complicated for less experienced users.** 12 | 13 | Please note: 14 | - This announcement concerns only Qubes 4.2. Fedora 40 templates will not be available for Qubes 4.1. 15 | - No user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 16 | -------------------------------------------------------------------------------- /2019-05-29-fedora-28-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 28 has reached EOL" 4 | date: 2019-05-29 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | Fedora 28 has reached EOL ([end-of-life]). We strongly recommend that 10 | all Qubes users upgrade their Fedora 28 TemplateVMs and StandaloneVMs to 11 | Fedora 29 immediately. We provide step-by-step upgrade instructions for 12 | upgrading from [Fedora 28 to 29]. For a complete list of TemplateVM 13 | versions supported for your specific version of Qubes, see [Supported 14 | TemplateVM Versions]. 15 | 16 | We also provide a fresh Fedora 29 TemplateVM package through the 17 | official Qubes repositories, which you can install in dom0 by following 18 | the standard [installation instructions]. 19 | 20 | After upgrading your TemplateVMs, please remember to set all qubes that 21 | were using the old template to use the new one. The instructions to do 22 | this can be found in the upgrade instructions for [Fedora 28 to 29]. 23 | 24 | Please note that no user action is required regarding the OS version in 25 | dom0. For details, please see our [Note on dom0 and EOL]. 26 | 27 | 28 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 29 | [Fedora 28 to 29]: /doc/template/fedora/upgrade-28-to-29/ 30 | [Supported TemplateVM Versions]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 31 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 32 | [Note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 33 | -------------------------------------------------------------------------------- /2019-11-29-fedora-29-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 29 has reached EOL" 4 | date: 2019-11-29 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | Fedora 29 has reached EOL ([end-of-life]). We strongly recommend that 10 | all Qubes users upgrade their Fedora 29 TemplateVMs and StandaloneVMs to 11 | Fedora 30 immediately. We provide step-by-step upgrade instructions for 12 | [upgrading Fedora TemplateVMs]. For a complete list of TemplateVM 13 | versions supported for your specific version of Qubes, see [Supported 14 | TemplateVM Versions]. 15 | 16 | We also provide a fresh Fedora 30 TemplateVM package through the 17 | official Qubes repositories, which you can install in dom0 by following 18 | the standard [installation instructions]. 19 | 20 | After upgrading your TemplateVMs, please remember to [switch all qubes 21 | that were using the old template to use the new one][switching]. 22 | 23 | Please note that no user action is required regarding the OS version in 24 | dom0. For details, please see our [Note on dom0 and EOL]. 25 | 26 | 27 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 28 | [upgrading Fedora TemplateVMs]: /doc/templates/fedora/in-place-upgrade/ 29 | [Supported TemplateVM Versions]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 30 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 31 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 32 | [Note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 33 | -------------------------------------------------------------------------------- /2023-05-26-fedora-38-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 38 templates available" 4 | categories: announcements 5 | --- 6 | 7 | New Fedora 38 templates are now available! We provide fresh Fedora 38 template packages (standard, [minimal](https://doc.qubes-os.org/en/latest/user/templates/minimal-templates.html), and [Xfce](https://doc.qubes-os.org/en/latest/user/templates/xfce-templates.html)) through the official Qubes repositories, which you can install in dom0 by following the standard [installation instructions](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing). Alternatively, we also provide step-by-step instructions for [performing an in-place upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora-upgrade.html) of an existing Fedora template. After upgrading your templates, please remember to [switch all qubes that were using the old template to use the new one](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). 8 | 9 | As a reminder, [Fedora 36 has reached EOL](/news/2023/05/11/fedora-36-reaches-eol-on-2023-05-16/). If you have not already done so, we strongly recommend that you [upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading) all Fedora 36 10 | templates and standalones to a [supported template release](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates) immediately. 11 | 12 | Please note that no user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 13 | -------------------------------------------------------------------------------- /2021-12-07-debian-11-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Debian 11 templates available" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | New Debian 11 templates are available for both Qubes 4.0 and 4.1. 9 | 10 | We provide fresh Debian 11 template packages through the official Qubes 11 | repositories, which you can install in dom0 by following the standard 12 | [installation instructions]. Alternatively, we also provide step-by-step 13 | instructions for [performing an in-place upgrade] of an existing Debian 14 | template. After upgrading your templates, please remember to [switch all 15 | qubes that were using the old template to use the new one][switching]. 16 | 17 | For a complete list of template releases that are supported for your 18 | specific Qubes release, see our [supported template releases]. 19 | 20 | Please note that no user action is required regarding the OS version in 21 | dom0. For details, please see our [note on dom0 and EOL]. 22 | 23 | **Note for 4.1 release candidate testers:** Qubes 4.1 release 24 | candidates already include the Debian 11 template by default, so no 25 | action is required. 26 | 27 | 28 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/debian/debian.html#installing 29 | [performing an in-place upgrade]: /doc/templates/debian/in-place-upgrade/ 30 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 31 | [supported template releases]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 32 | [note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 33 | -------------------------------------------------------------------------------- /2021-06-11-qubes-os-project-now-accepting-donations-in-monero.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS Project now accepting donations in Monero!" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | We are pleased to announce that the Qubes OS Project is now accepting [donations](/donate/) in the privacy-oriented cryptocurrency [Monero (XMR)](https://www.getmonero.org/) at the following address: 9 | 10 | ``` 11 | 46PrVgXBdD4cps3SVkHoCDZvMfFdG5q4ej5DYKpuKpTnjiL7pv6KGv7dPh4DPijCGqTbxLDPqZJkobd9SttMiauoP1CQU4y 12 | ``` 13 | 14 | We have received an increasing number of requests for Monero as a donation method over the past few years. We are proud that Qubes is the OS of choice for so many privacy-conscious individuals, and we are pleased to be able to offer a more private donation method for those users to show their support. 15 | 16 | As with our Bitcoin donation address, you can verify the authenticity of the Monero donation address via the [Qubes Security Pack](https://doc.qubes-os.org/en/latest/project-security/security-pack.html) in the [fund](https://github.com/QubesOS/qubes-secpack/tree/master/fund) directory. We also provide detailed instructions for [verifying the digital signatures](https://doc.qubes-os.org/en/latest/project-security/security-pack.html#how-to-obtain-and-authenticate). 17 | 18 | As with all other donations, your Monero donations will [directly fund the Qubes OS Project](/donate/#how-is-my-donation-used). Since Qubes is free and open-source software, we do not earn any revenue by selling it. Instead, we rely on your financial support. If you rely on Qubes for secure computing in your work or personal life or see the value in our efforts, we would greatly appreciate your donation. Thank you! 19 | -------------------------------------------------------------------------------- /2018-11-30-fedora-27-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 27 has reached EOL" 4 | date: 2018-11-30 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | The Fedora Project announced today that Fedora 27 has reached EOL 10 | ([end-of-life]). We strongly recommend that all Qubes users upgrade 11 | their Fedora 27 TemplateVMs and StandaloneVMs to Fedora 28 immediately. 12 | We provide step-by-step upgrade instructions for upgrading from [Fedora 13 | 27 to 28]. For a complete list of TemplateVM versions supported for your 14 | specific version of Qubes, see [Supported TemplateVM Versions]. 15 | 16 | We also provide a fresh Fedora 28 TemplateVM package through the 17 | official Qubes repositories, which you can install in dom0 by following 18 | the standard [installation instructions]. 19 | 20 | After upgrading your TemplateVMs, please remember to set all qubes that 21 | were using the old template to use the new one. The instructions to do 22 | this can be found in the upgrade instructions for [Fedora 27 to 28]. 23 | 24 | Please note that no user action is required regarding the OS version in 25 | dom0. For details, please see our [Note on dom0 and EOL]. 26 | 27 | 28 | [end-of-life]: https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule 29 | [Fedora 27 to 28]: /doc/template/fedora/upgrade-27-to-28/ 30 | [Supported TemplateVM Versions]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 31 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 32 | [Note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 33 | -------------------------------------------------------------------------------- /2022-12-08-fedora-35-reaches-eol-on-2022-12-13.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 35 reaches EOL on 2022-12-13" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | The Fedora Project has [announced](https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/OGTVKLX7OXBYCEUQ66UY4YK3T6QHAYW5/) that Fedora 35 will reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2022-12-13. We strongly recommend that all users [upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading) their Fedora templates and standalones to Fedora 36 no later than 2022-12-13. 9 | 10 | We provide fresh Fedora 36 template packages through the official Qubes repositories, which you can install in dom0 by following the standard [installation instructions](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing). Alternatively, we also provide step-by-step instructions for [performing an in-place upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora-upgrade.html) of an existing Fedora template. After upgrading your templates, please remember to [switch all qubes that were using the old template to use the new one](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). 11 | 12 | For a complete list of template releases that are supported for your specific Qubes release, see our [supported template releases](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates). 13 | 14 | Please note that no user action is required regarding the OS version in dom0. For details, please see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol). 15 | -------------------------------------------------------------------------------- /2025-09-11-qubes-documentation-has-successfully-migrated-to-read-the-docs.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "The Qubes documentation has successfully migrated to Read the Docs!" 4 | categories: announcements 5 | --- 6 | 7 | The [migration of the Qubes documentation to Read the Docs](https://www.qubes-os.org/news/2025/07/23/qubes-documentation-migrating-to-read-the-docs/) is now complete! As of today, the new documentation hosted by Read the Docs has officially replaced the old documentation, and all old documentation URLs will automatically redirect to their new counterparts at from now on. We're incredibly grateful to the Qubes community for making this migration a success. Special thanks go to [parulin](https://github.com/parulin) and [tokideveloper](https://github.com/tokideveloper) for reviewing the new documentation during our 20-day community testing period, to [maiska](https://www.qubes-os.org/team/#m) for managing the migration, and to [Solène Rapenne](https://www.qubes-os.org/team/#sol%C3%A8ne-rapenne) for helping to push the merge through the final stretch. 8 | 9 | In addition, [maiska](https://www.qubes-os.org/team/#m) has provided us with an updated guide for [how to edit the documentation](https://doc.qubes-os.org/en/latest/developer/general/how-to-edit-the-rst-documentation.html) and a new [reStructuredText documentation style guide](https://doc.qubes-os.org/en/latest/developer/general/rst-documentation-style-guide.html)! If you'd like to request any features or improvements to the documentation, or if you'd like to report a bug, please [open an issue](https://doc.qubes-os.org/en/latest/introduction/issue-tracking.html). If you have any questions or feedback, please let us know on our [mailing lists or forum](https://doc.qubes-os.org/en/latest/introduction/support.html). 10 | -------------------------------------------------------------------------------- /2019-07-09-qubes-4-0-2-rc1.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 4.0.2-rc1 has been released!" 4 | categories: releases 5 | download_url: /downloads/ 6 | author: Andrew David Wong 7 | --- 8 | 9 | We're pleased to announce the first release candidate for Qubes 4.0.2! 10 | 11 | Features: 12 | - All 4.0 dom0 updates to date 13 | - Fedora 30 TemplateVM 14 | - Debian 10 TemplateVM 15 | - Whonix 15 Gateway and Workstation TemplateVMs 16 | - Linux kernel 4.19 by default 17 | 18 | Qubes 4.0.2-rc1 is available on the [Downloads] page. 19 | 20 | 21 | What is a patch release? 22 | ------------------------ 23 | 24 | A patch release does not designate a separate, new major or minor release of Qubes OS. 25 | Rather, it designates its respective major or minor release (in this 26 | case, 4.0) inclusive of all updates up to a certain point. Installing 27 | Qubes 4.0 and fully updating it results in the same system as installing 28 | Qubes 4.0.2. 29 | 30 | 31 | What should I do? 32 | ----------------- 33 | 34 | If you installed Qubes 4.0 or 4.0.1 and have [fully updated], then 35 | your system is already equivalent to a Qubes 4.0.2 installation. No 36 | further action is required. 37 | 38 | Regardless of your current OS, if you wish to install (or reinstall) 39 | Qubes 4.0 for any reason, then the 4.0.2 ISO makes this more convenient 40 | and secure, since it bundles all Qubes 4.0 updates to date. 41 | 42 | 43 | Release candidate planning 44 | -------------------------- 45 | 46 | If no major issues are discovered in 4.0.2-rc1, we expect the stable 47 | release of 4.0.2 to follow in a few weeks. As usual, you can help by 48 | [reporting any bugs you encounter][reporting-bugs]. 49 | 50 | 51 | 52 | [Downloads]: /downloads/ 53 | [fully updated]: /doc/updating-qubes-os/ 54 | [reporting-bugs]: /doc/issue-tracking/ 55 | 56 | -------------------------------------------------------------------------------- /2023-05-11-fedora-36-reaches-eol-on-2023-05-16.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 36 reaches EOL on 2023-05-16" 4 | categories: announcements 5 | --- 6 | 7 | The Fedora Project has [announced](https://lists.fedoraproject.org/archives/list/announce@lists.fedoraproject.org/thread/4GXBZJSGQ2PEKIBM2APCTLXBS6IDKSOP/) that Fedora 36 will reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2023-05-16. We strongly recommend that all users [upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading) their Fedora templates and standalones to [Fedora 37](/news/2023/03/03/fedora-37-templates-available/) no later than 2023-05-16. 8 | 9 | We provide fresh Fedora 37 template packages through the official Qubes repositories, which you can install in dom0 by following the standard [installation instructions](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing). Alternatively, we also provide step-by-step instructions for [performing an in-place upgrade](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora-upgrade.html) of an existing Fedora template. After upgrading your templates, please remember to [switch all qubes that were using the old template to use the new one](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). 10 | 11 | For a complete list of template releases that are supported for your specific Qubes release, see our [supported template releases](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates). 12 | 13 | Please note that no user action is required regarding the OS version in dom0. For details, please see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol). 14 | -------------------------------------------------------------------------------- /2021-05-25-fedora-32-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 32 has reached EOL" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | Fedora 32 has reached EOL ([end-of-life]). If you have not already done 9 | so, we strongly recommend [upgrading] your Fedora 32 TemplateVMs and 10 | StandaloneVMs to Fedora 33 immediately. We provide a fresh Fedora 33 11 | TemplateVM package through the official Qubes repositories, which you 12 | can install in dom0 by following the standard [installation 13 | instructions]. Alternatively, we also provide step-by-step instructions 14 | for [performing an in-place upgrade] of an existing Fedora TemplateVM. 15 | After upgrading your TemplateVMs, please remember to [switch all qubes 16 | that were using the old template to use the new one][switching]. 17 | 18 | For a complete list of TemplateVM versions supported for your specific 19 | version of Qubes, see [Supported TemplateVM Versions]. 20 | 21 | Please note that no user action is required regarding the OS version in 22 | dom0. For details, please see our [note on dom0 and EOL]. 23 | 24 | 25 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 26 | [upgrading]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading 27 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 28 | [performing an in-place upgrade]: /doc/templates/fedora/in-place-upgrade/ 29 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 30 | [Supported TemplateVM Versions]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 31 | [note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 32 | -------------------------------------------------------------------------------- /2024-09-13-fedora-39-approaching-end-of-life.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 39 approaching end-of-life" 4 | categories: announcements 5 | --- 6 | 7 | Fedora 39 is currently [scheduled](https://fedorapeople.org/groups/schedule/f-39/f-39-key-tasks.html) to reach [end-of-life (EOL)](https://fedoraproject.org/wiki/End_of_life) on 2024-11-12 (approximately two months from now). Please upgrade all of your Fedora templates and standalones by that date. For more information, see [Upgrading to avoid EOL](https://doc.qubes-os.org/en/latest/user/how-to-guides/how-to-update.html#upgrading-to-avoid-eol). 8 | 9 | There are two ways to upgrade a template to a new Fedora release: 10 | 11 | - **Recommended:** [Install a fresh template to replace an existing one.](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing) **This option may be simpler for less experienced users.** After you install the new template, redo all desired template modifications and [switch everything that was set to the old template to the new template](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). You may want to write down the modifications you make to your templates so that you remember what to redo on each fresh install. To see a log of package manager actions, open a terminal in the old Fedora template and use the `dnf history` command. 12 | 13 | - **Advanced:** [Perform an in-place upgrade of an existing Fedora template.](/doc/templates/fedora/in-place-upgrade/) This option will preserve any modifications you've made to the template, **but it may be more complicated for less experienced users.** 14 | 15 | Please note that no user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 16 | -------------------------------------------------------------------------------- /2020-05-23-google-summer-of-code-and-season-of-docs-2020.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Google Summer of Code & Season of Docs 2020" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | We're pleased to announce that the Qubes OS Project will be 9 | participating in both [Google Summer of Code] and [Google Season of 10 | Docs] for 2020! 11 | 12 | For Google Summer of Code this year, William Huang will be working on 13 | [Template Manager and Package Handling Improvements] under the 14 | mentorship of Qubes project lead [Marek Marczykowski-Górecki]. 15 | Specifically, William will be "designing a better mechanism for handling 16 | template installation and creating a user-facing application to deal 17 | with such mechanism and other template-related configuration, 18 | consolidating the management of templates." For more information about 19 | Google Summer of Code in relation to the Qubes OS project, please see 20 | our [information page][gsoc]. 21 | 22 | Meanwhile, with Google Season of Docs, we're still in the [technical 23 | writer exploration phase], in which "interested technical writers 24 | discuss project ideas with mentoring organizations." If you're 25 | interested in [participating in Google Season of Docs with Qubes][gsod], 26 | the technical writer application period begins on June 9, 2020 at 18:00 27 | UTC, and the deadline is July 9, 2020 at 18:00 UTC. 28 | 29 | [Google Summer of Code]: https://summerofcode.withgoogle.com/ 30 | [Google Season of Docs]: https://developers.google.com/season-of-docs 31 | [Template Manager and Package Handling Improvements]: https://summerofcode.withgoogle.com/projects/#6190965460566016 32 | [Marek Marczykowski-Górecki]: /team/#marek-marczykowski-górecki 33 | [gsoc]: /gsoc/ 34 | [technical writer exploration phase]: https://developers.google.com/season-of-docs/docs/timeline 35 | [gsod]: /gsod/ 36 | -------------------------------------------------------------------------------- /2021-03-04-qubes-4-0-4.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Qubes OS 4.0.4 has been released!" 4 | categories: releases 5 | download_url: /downloads/ 6 | author: Andrew David Wong 7 | --- 8 | 9 | We're pleased to announce the release of Qubes OS 4.0.4! This is the 10 | fourth stable release of Qubes 4.0. It includes many updates over the 11 | initial 4.0 release, including: 12 | 13 | - All 4.0 dom0 updates to date 14 | - Fedora 32 TemplateVM 15 | - Debian 10 TemplateVM 16 | - Whonix 15 Gateway and Workstation TemplateVMs 17 | - Linux kernel 5.4 by default 18 | 19 | Qubes 4.0.4 is available on the [downloads] page. 20 | 21 | 22 | What is a patch release? 23 | ------------------------ 24 | 25 | A patch release does not designate a separate, new major or minor release of Qubes OS. 26 | Rather, it designates its respective major or minor release (in this 27 | case, 4.0) inclusive of all updates up to a certain point. Installing 28 | Qubes 4.0 and [fully updating][update] it results in the same system as 29 | installing Qubes 4.0.4. 30 | 31 | 32 | What should I do? 33 | ----------------- 34 | 35 | If you installed Qubes 4.0, 4.0.1, 4.0.2, or 4.0.3 and have [fully 36 | updated][update], then your system is already equivalent to a Qubes 37 | 4.0.4 installation. No further action is required. 38 | 39 | Regardless of your current OS, if you wish to install (or reinstall) 40 | Qubes 4.0 for any reason, then the 4.0.4 ISO makes this more convenient 41 | and secure, since it bundles all Qubes 4.0 updates to date. Please see 42 | the [installation guide] for detailed instructions. 43 | 44 | Thank you to all the release candidate users for testing this release 45 | and [reporting issues][reporting-bugs]! 46 | 47 | 48 | [downloads]: /downloads/ 49 | [update]: /doc/updating-qubes-os/ 50 | [installation guide]: /doc/installation-guide/ 51 | [reporting-bugs]: /doc/issue-tracking/ 52 | 53 | -------------------------------------------------------------------------------- /2016-11-15-fedora-24-template-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 24 template now available for Qubes 3.2" 4 | date: 2016-11-15 5 | categories: announcements 6 | author: Andrew David Wong 7 | --- 8 | 9 | Fedora 23, the default Fedora [TemplateVM version] in Qubes 3.2, is scheduled to 10 | reach end of life (EOL) on approximately 2016-12-22 11 | ([one month][fedora-maintenance-schedule] after the release of Fedora 25). **We 12 | strongly advise all Qubes users to upgrade their Fedora templates before then.** 13 | 14 | In the interest of providing users with a convenient upgrade path, a Fedora 24 15 | template is now available for direct installation. This means that there are now 16 | two ways to have a Fedora 24 template on Qubes 3.2: 17 | 18 | 1. [Upgrade] an existing Fedora 23 template. 19 | 20 | 2. Install a new Fedora 24 template by running the following command in dom0: 21 | 22 | $ sudo qubes-dom0-update qubes-template-fedora-24 23 | 24 | The later option will result in a fresh template, which you may customize if 25 | you wish. A Fedora 24 [minimal] template is also available, and it can be 26 | installed by running the following command in dom0: 27 | 28 | $ sudo qubes-dom0-update qubes-template-fedora-24-minimal 29 | 30 | After upgrading to a Fedora 24 template, please remember to switch the 31 | appropriate qubes (VMs) to the new template. This can be done either with Qubes 32 | Manager (in qube settings) or with the `qvm-prefs` command-line tool. 33 | 34 | 35 | [TemplateVM version]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 36 | [fedora-maintenance-schedule]: https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule 37 | [Upgrade]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading 38 | [minimal]: /doc/templates/fedora-minimal/ 39 | -------------------------------------------------------------------------------- /2021-04-29-fedora-32-approaching-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 32 approaching EOL" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | Fedora 32 is scheduled to reach EOL ([end-of-life]) on 2021-05-25. 9 | 10 | We strongly recommend that all Qubes users [upgrade] their Fedora 32 11 | TemplateVMs and StandaloneVMs to Fedora 33 before Fedora 32 reaches 12 | EOL. 13 | 14 | We provide a fresh Fedora 33 TemplateVM package through the official 15 | Qubes repositories, which you can install in dom0 by following the 16 | standard [installation instructions]. Alternatively, we also provide 17 | step-by-step instructions for [performing an in-place upgrade] of an 18 | existing Fedora TemplateVM. After upgrading your TemplateVMs, please 19 | remember to [switch all qubes that were using the old template to use 20 | the new one][switching]. 21 | 22 | For a complete list of TemplateVM versions supported for your specific 23 | version of Qubes, see [Supported TemplateVM Versions]. 24 | 25 | Please note that no user action is required regarding the OS version in 26 | dom0. For details, please see our [note on dom0 and EOL]. 27 | 28 | 29 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 30 | [upgrade]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading 31 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 32 | [performing an in-place upgrade]: /doc/templates/fedora/in-place-upgrade/ 33 | [Supported TemplateVM Versions]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 34 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 35 | [note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 36 | -------------------------------------------------------------------------------- /2025-03-16-fedora-40-approaching-end-of-life.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 40 approaching end of life" 4 | categories: announcements 5 | --- 6 | 7 | Fedora 40 is currently [scheduled](https://fedorapeople.org/groups/schedule/f-40/f-40-key-tasks.html) to reach [end of life (EOL)](https://fedoraproject.org/wiki/End_of_life) on 2025-05-13 (approximately two months from the date of this announcement). Please upgrade all of your Fedora templates and standalones by that date. For more information, see [Upgrading to avoid EOL](https://doc.qubes-os.org/en/latest/user/how-to-guides/how-to-update.html#upgrading-to-avoid-eol). 8 | 9 | There are two ways to upgrade a template to a new Fedora release: 10 | 11 | - **Recommended:** [Install a fresh template to replace an existing one.](https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing) **This option may be simpler for less experienced users.** After you install the new template, redo all desired template modifications and [switch everything that was set to the old template to the new template](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). You may want to write down the modifications you make to your templates so that you remember what to redo on each fresh install. To see a log of package manager actions, open a terminal in the old Fedora template and use the `dnf history` command. 12 | 13 | - **Advanced:** [Perform an in-place upgrade of an existing Fedora template.](/doc/templates/fedora/in-place-upgrade/) This option will preserve any modifications you've made to the template, **but it may be more complicated for less experienced users.** 14 | 15 | Please note that no user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 16 | -------------------------------------------------------------------------------- /2023-08-27-debian-12-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Debian 12 templates available" 4 | categories: announcements 5 | --- 6 | 7 | The following new templates are now available: 8 | 9 | **Qube OS 4.1** 10 | - Debian 12 11 | - Debian 12 [minimal](/doc/templates/minimal/) 12 | 13 | **Qubes OS 4.2-rc1** 14 | - Debian 12 15 | - Debian 12 [minimal](/doc/templates/minimal/) 16 | - Debian 12 [Xfce](/doc/templates/xfce/) 17 | 18 | There are two ways to upgrade your template to a new Debian release: 19 | 20 | - **Recommended:** [Install a fresh template to replace the existing one.](https://doc.qubes-os.org/en/latest/user/templates/debian/debian.html#installing) **This option may be simpler for less experienced users.** After you install the new template, redo all desired template modifications and [switch everything that was set to the old template to the new template](https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching). You may want to write down the modifications you make to your templates so that you remember what to redo on each fresh install. In the old Debian template, see `/var/log/dpkg.log` and `/var/log/apt/history.log` for logs of package manager actions. 21 | 22 | - **Advanced:** [Perform an in-place upgrade of an existing Debian template.](/doc/templates/debian/in-place-upgrade/) This option will preserve any modifications you've made to the template, **but it may be more complicated for less experienced users.** 23 | 24 | For a complete list of template releases that are supported for your specific Qubes release, see our [supported template releases](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates). Please note that no user action is required regarding the OS version in dom0 (see our [note on dom0 and EOL](https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol)). 25 | -------------------------------------------------------------------------------- /2020-04-30-fedora-31-template-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 30 approaching EOL, Fedora 31 TemplateVM available, Fedora 32 TemplateVM in testing" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | This announcement includes several updates regarding Fedora TemplateVMs. 9 | 10 | ## Fedora 30 approaching EOL 11 | 12 | With the release of Fedora 32 on April 28, Fedora 30 is expected to 13 | reach EOL ([end-of-life]) on May 26, 2020. 14 | 15 | ## Fedora 31 TemplateVM available 16 | 17 | A new Fedora 31 TemplateVM is now available for both Qubes 4.0 and 4.1. 18 | Instructions are available for [upgrading Fedora TemplateVMs]. We also 19 | provide a fresh Fedora 31 TemplateVM package through the official Qubes 20 | repositories, which you can get with the following commands (in dom0). 21 | 22 | [Standard] Fedora 31 TemplateVM: 23 | 24 | $ sudo qubes-dom0-update qubes-template-fedora-31 25 | 26 | [Minimal] Fedora 31 TemplateVM: 27 | 28 | $ sudo qubes-dom0-update qubes-template-fedora-31-minimal 29 | 30 | After upgrading to a Fedora 31 TemplateVM, please remember to [switch all 31 | qubes that were using the old template to use the new one][switching]. 32 | 33 | ## Fedora 32 TemplateVM in testing 34 | 35 | For advanced users, a new Fedora 32 TemplateVM is currently available in 36 | the `qubes-templates-itl-testing` repository for both Qubes 4.0 and 4.1. 37 | We would greatly appreciate [testing and feedback] from the community 38 | regarding this template. 39 | 40 | 41 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 42 | [upgrading Fedora TemplateVMs]: /doc/templates/fedora/in-place-upgrade/ 43 | [Standard]: /doc/templates/fedora/ 44 | [Minimal]: /doc/templates/minimal/ 45 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 46 | [testing and feedback]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/testing.html#providing-feedback 47 | -------------------------------------------------------------------------------- /2022-06-07-fedora-34-eol.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 34 has reached EOL" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | As a reminder following our previous [announcement], Fedora 34 has now 9 | reached EOL ([end-of-life]). If you have not already done so, we 10 | strongly recommend [upgrading] all remaining Fedora 34 templates and 11 | standalones to Fedora 35 immediately. 12 | 13 | We provide fresh Fedora 35 template packages through the official Qubes 14 | repositories, which you can install in dom0 by following the standard 15 | [installation instructions]. Alternatively, we also provide step-by-step 16 | instructions for [performing an in-place upgrade] of an existing Fedora 17 | template. After upgrading your templates, please remember to [switch all 18 | qubes that were using the old template to use the new one][switching]. 19 | 20 | For a complete list of template releases that are supported for your 21 | specific Qubes release, see our [supported template releases]. 22 | 23 | Please note that no user action is required regarding the OS version in 24 | dom0. For details, please see our [note on dom0 and EOL]. 25 | 26 | 27 | [announcement]: /news/2022/05/26/fedora-34-approaching-eol-fedora-35-templates-available/ 28 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 29 | [upgrading]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading 30 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 31 | [performing an in-place upgrade]: /doc/templates/fedora/in-place-upgrade/ 32 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 33 | [supported template releases]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 34 | [note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 35 | -------------------------------------------------------------------------------- /2024-09-24-xsas-released-on-2024-09-24.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2024-09-24" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS is **not** affected. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-462](https://xenbits.xen.org/xsa/advisory-462.html) 21 | - Denial of service only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2025-02-27-xsas-released-on-2025-02-27.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2025-02-27" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS is **not** affected. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-467](https://xenbits.xen.org/xsa/advisory-467.html) 21 | - Denial of service only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2025-07-01-xsas-released-on-2025-07-01.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2025-07-01" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS is **not** affected. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) 21 | - Denial of service only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2023-12-12-xsas-released-on-2023-12-12.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2023-12-12" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS **is not affected**. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-447](https://xenbits.xen.org/xsa/advisory-447.html) 21 | - Qubes OS does not support ARM. 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2024-02-05-xsas-released-on-2024-01-22.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2024-01-22" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS **is not affected**. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-448](https://xenbits.xen.org/xsa/advisory-448.html) 21 | - Denial of service (DoS) only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2024-02-27-xsas-released-on-2024-02-27.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2024-02-27" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS **is not affected**. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-451](https://xenbits.xen.org/xsa/advisory-451.html) 21 | - Denial of service (DoS) only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2024-05-08-xsas-released-on-2024-05-07.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2024-05-07" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS is **not** affected. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-457](https://xenbits.xen.org/xsa/advisory-457.html) 21 | - Denial of service (DoS) only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2025-05-15-xsas-released-on-2025-05-12.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2025-05-12" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS **is affected**. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - [XSA-469](https://xenbits.xen.org/xsa/advisory-469.html) 15 | - See [QSB-107](/news/2025/05/15/qsb-107/) 16 | 17 | ## XSAs that DO NOT affect the security of Qubes OS 18 | 19 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 20 | 21 | - (none) 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2025-05-27-xsas-released-on-2025-05-27.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2025-05-27" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS is **not** affected. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) 21 | - In-guest privilege escalation only 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2025-07-11-xsas-released-on-2025-07-08.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2025-07-08" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS **is affected**. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - [XSA-471](https://xenbits.xen.org/xsa/advisory-471.html) 15 | - See [QSB-108](/news/2025/07/11/qsb-108/) 16 | 17 | ## XSAs that DO NOT affect the security of Qubes OS 18 | 19 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 20 | 21 | - (none) 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2022-05-26-fedora-34-approaching-eol-fedora-35-templates-available.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "Fedora 34 approaching EOL; Fedora 35 templates available" 4 | categories: announcements 5 | author: Andrew David Wong 6 | --- 7 | 8 | Fedora 34 is scheduled to reach EOL ([end-of-life]) on 2022-06-07, and 9 | new Fedora 35 templates are now available for both Qubes 4.0 and 4.1. 10 | 11 | We strongly recommend that all Qubes users [upgrade] their Fedora 34 12 | templates and standalones to Fedora 35 before Fedora 34 reaches EOL. 13 | 14 | We provide fresh Fedora 35 template packages through the official Qubes 15 | repositories, which you can install in dom0 by following the standard 16 | [installation instructions]. Alternatively, we also provide step-by-step 17 | instructions for [performing an in-place upgrade] of an existing Fedora 18 | template. After upgrading your templates, please remember to [switch all 19 | qubes that were using the old template to use the new one][switching]. 20 | 21 | For a complete list of template releases that are supported for your 22 | specific Qubes release, see our [supported template releases]. 23 | 24 | Please note that no user action is required regarding the OS version in 25 | dom0. For details, please see our [note on dom0 and EOL]. 26 | 27 | 28 | [end-of-life]: https://fedoraproject.org/wiki/End_of_life 29 | [upgrade]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#upgrading 30 | [installation instructions]: https://doc.qubes-os.org/en/latest/user/templates/fedora/fedora.html#installing 31 | [performing an in-place upgrade]: /doc/templates/fedora/in-place-upgrade/ 32 | [switching]: https://doc.qubes-os.org/en/latest/user/templates/templates.html#switching 33 | [supported template releases]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#templates 34 | [note on dom0 and EOL]: https://doc.qubes-os.org/en/latest/user/downloading-installing-upgrading/supported-releases.html#note-on-dom0-and-eol 35 | -------------------------------------------------------------------------------- /2025-10-24-xsas-released-on-2025-10-24.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2025-10-24" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS is **not** affected. 9 | 10 | ## XSAs that DO affect the security of Qubes OS 11 | 12 | The following XSAs **do affect** the security of Qubes OS: 13 | 14 | - (none) 15 | 16 | ## XSAs that DO NOT affect the security of Qubes OS 17 | 18 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 19 | 20 | - [XSA-476](https://xenbits.xen.org/xsa/advisory-476.html) 21 | - Qubes OS does not hot unplug PCI devices. 22 | 23 | ## About this announcement 24 | 25 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 26 | -------------------------------------------------------------------------------- /2023-02-15-xsas-released-on-2023-02-14.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | title: "XSAs released on 2023-02-14" 4 | categories: security 5 | --- 6 | 7 | The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). 8 | The security of Qubes OS **is not affected**. 9 | Therefore, **no user action is required**. 10 | 11 | 12 | ## XSAs that DO affect the security of Qubes OS 13 | 14 | The following XSAs **do affect** the security of Qubes OS: 15 | 16 | - (none) 17 | 18 | 19 | ## XSAs that DO NOT affect the security of Qubes OS 20 | 21 | The following XSAs **do not affect** the security of Qubes OS, and no user action is necessary: 22 | 23 | - XSA-426 (SMT is disabled in Qubes OS by default) 24 | 25 | 26 | ## About this announcement 27 | 28 | Qubes OS uses the [Xen hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as part of its [architecture](/doc/architecture/). When the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a [Xen security advisory (XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a [Qubes security bulletin (QSB)](/security/qsb/). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only *positive* confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs cannot provide *negative* confirmation that other XSAs do *not* affect the security of Qubes OS. Therefore, we also maintain an [XSA tracker](/security/xsa/), which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS. 29 | --------------------------------------------------------------------------------