XSAs released on 2026-06-09
29d ago
Source
Qubes OSXSAs released on 2026-06-09qubes-os.orgThe Xen Project has released one or more Xen security advisories (XSAs) . The security of Qubes OS is affected . XSAs that DO affect the security of Qubes OS The following XSAs do affect the security of Qubes OS: XSA-491 : See QSB-115 . XSAs that DO NOT affect the security of Qubes OS The following XSAs do not affect the security of Qubes OS, and no user action is necessary: XSA-492 : Denial of service only XSA-493 : Only Arm systems are affected. Qubes OS does not run on Arm systems. XSA-494 : Shadow paging is disabled in Qubes OS at build time. About this announcement Qubes OS uses the Xen hypervisor as part of its architecture . When the Xen Project publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a Xen security advisory (XSA) . Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a Qubes security bulletin (QSB) . (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only positive confirmation that certain XSAs do affect the security of Qubes OS. QSBs cannot provide negative confirmation that other XSAs do not affect the security of Qubes OS. Therefore, we also maintain an XSA tracker , which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS.
You might also wanna read
X.Org Security Advisory: Multiple Vulnerabilities Fixed in X Server 21.1.19 and Xwayland 24.1.9
X.Org has released security advisories for multiple vulnerabilities in X.Org X server (prior to version 21.1.18) and Xwayland (prior to vers
lists.x.org·8mo ago
Debunking common myths about Qubes OS: It's more accessible than you think
This article debunks common myths about Qubes OS, a security-focused operating system that uses virtualization to isolate applications in se
X.Org Patches Nine Security Flaws in Server and Xwayland Updates
X.Org has released security updates (X.Org Server 21.1.23 and Xwayland 24.1.12) patching nine security vulnerabilities, including stack-base
FreeBSD Security Advisory: Local Privilege Escalation via execve() Affects All Supported Versions
FreeBSD released a security advisory (FreeBSD-SA-26:13.exec) addressing a local privilege escalation vulnerability via the execve() system c
freebsd.org·1mo ago
Fixing a Prototype Override Protection Bypass Vulnerability in qs
Snyk·9y ago
Return to Blogging After 7 Years: A Reintroduction from the Creator of Qubes OS
The author returns after a 7-year hiatus with a new blog. They previously led development of Qubes OS (a security-focused operating system)
Traces Of Humanity·1mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.