Does the new OpenSSL vulnerability affect Qubes OS?

news link

There isn’t a lot of technical information on the vulnerability, but it seems critical for affected systems.


Almost certainly.
Qubes along with everyone else.

Okay, I was not sure if Qubes used 3.x

At least dom0 seems to be running 1.1.1k which I don’t think is affected, but I didn’t know if that meant Qubes only used 1.1.1

Bookworm, Fedora 36, Ubuntu 22.04, all have 3.x


For any one worried about this, the vulnerabilities were downgraded
from critical.
Patches should be available soon as part of normal updates.

You can read about the vulnerabilities here

I never presume to speak for the Qubes team.

When I comment in the Forum or in the mailing lists I speak for myself.

1 Like