We have just published Qubes Security Bulletin (QSB) #61: Information
leak via power sidechannel (XSA-351). The text of this QSB is
reproduced below. This QSB and its accompanying signatures will always
be available in the Qubes Security Pack (qubes-secpack).
View QSB #61 in the qubes-secpack:
Learn about the qubes-secpack, including how to obtain, verify, and read
it:
For Qubes 4.0: Xen packages, version 4.8.5-26
For updates from the security-testing repository:
$ sudo qubes-dom0-update --enablerepo=qubes-dom0-security-testing
I found out an unexpected behaviour. I always ran the command
to update the system, believing that "*" it would include the case
"security". This seems not the case! After running the update with *
the xen state was still 4.8.25: