[qubes-users] XSAs 286, 331, 332, and 345 do not affect the security of Qubes OS

Dear Qubes Community,

The Xen Project has published the following Xen Security Advisories:
XSA-286, XSA-331, XSA-332, and XSA-345. These XSAs do *not* affect the
security of Qubes OS, and no user action is necessary.

*Special note:* Although XSA-345 is included in QSB #060 [1], we do not
consider XSA-345 to affect the security of Qubes OS, since the default
configuration is safe, and we have already implemented appropriate
safeguards to prevent users from changing to a vulnerable configuration
by accident. Please see the Impact section of QSB #060 [1] for further

[1] https://www.qubes-os.org/news/2020/10/20/qsb-060/

These XSAs have been added to the XSA Tracker:

This announcement is also available on the Qubes website:

(Attachment OpenPGP_signature is missing)