[qubes-users] XSAs released on 2022-11-01

Dear Qubes Community,

The Xen Project has released one or more Xen Security Advisories (XSAs).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- XSA-414

Please see [QSB-085](QSB-085: Xenstore: Guests can crash xenstored (XSA-414) | Qubes OS) for further details.

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action is necessary:

- XSA-326 (denial-of-service only)
- XSA-412 (affects only version 4.16)
- XSA-415 (denial-of-service only)
- XSA-416 (denial-of-service only)
- XSA-417 (domid is never reused)
- XSA-418 (denial-of-service only)
- XSA-419 (denial-of-service only)
- XSA-420 (oxenstored is not used in Qubes OS)
- XSA-421 (denial-of-service only)

## Related links

- [Xen XSA list](Xen Security Advisories)
- [Qubes XSA tracker](Xen security advisory (XSA) tracker | Qubes OS)
- [Qubes security pack (qubes-secpack)](Qubes security pack (qubes-secpack) | Qubes OS)
- [Qubes security bulletins (QSBs)](Qubes security bulletins (QSBs) | Qubes OS)

This announcement is also available on the Qubes website: