Does the new OpenSSL vulnerability affect Qubes OS?

news link

There isn’t a lot of technical information on the vulnerability, but it seems critical for affected systems.

3 Likes

Almost certainly.
Qubes along with everyone else.

Okay, I was not sure if Qubes used 3.x

At least dom0 seems to be running 1.1.1k which I don’t think is affected, but I didn’t know if that meant Qubes only used 1.1.1

Bookworm, Fedora 36, Ubuntu 22.04, all have 3.x

2 Likes

For any one worried about this, the vulnerabilities were downgraded
from critical.
Patches should be available soon as part of normal updates.

You can read about the vulnerabilities here

I never presume to speak for the Qubes team.


When I comment in the Forum or in the mailing lists I speak for myself.

1 Like