Dear Qubes Community,
The Xen Project has published the following Xen Security Advisories:
XSA-286, XSA-331, XSA-332, and XSA-345. These XSAs do *not* affect the
security of Qubes OS, and no user action is necessary.
*Special note:* Although XSA-345 is included in QSB #060 [1], we do not
consider XSA-345 to affect the security of Qubes OS, since the default
configuration is safe, and we have already implemented appropriate
safeguards to prevent users from changing to a vulnerable configuration
by accident. Please see the Impact section of QSB #060 [1] for further
details.
[1] https://www.qubes-os.org/news/2020/10/20/qsb-060/
These XSAs have been added to the XSA Tracker:
This announcement is also available on the Qubes website:
(Attachment OpenPGP_signature is missing)