Search results
  1. Jan 4

    Re the / attacks: 1. Practical impact on Qubes is unclear to us ATM, 2. No advanced info has been shared with us on Xen predisclosure list, so we've had no time to evaluate yet, 3. Xen published XSA 254 unexpectedly last night, 4. Xen offers no patches ATM...

    7 replies 236 retweets 466 likes
  2. Jun 27

    XSA-264, XSA-265, and XSA-266 have been published. These XSAs do not affect the security of Qubes OS, and no user action is necessary.

    2 replies 17 retweets 33 likes
  3. May 24

    Qubes Security Bulletin #40: Information leaks due to processor speculative store bypass (XSA-263)

    19 retweets 29 likes
  4. May 8

    Qubes Security Bulletin #39: Xen vulnerability (XSA-260) and GUI daemon issue

    20 retweets 44 likes
  5. Apr 25

    In addition, XSA-259, which was also announced today, does not affect the security of Qubes:

    Another Xen bug which does not affect thanks to our compartmentalized architecture :)
    1 reply 18 retweets 49 likes
  6. Feb 27

    XSA-252, XSA-255, and XSA-256 do not affect the security of Qubes OS:

    33 retweets 53 likes
  7. Jan 24

    We've just updated Qubes Security Bulletin #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Spectre)

    2 replies 42 retweets 72 likes
  8. Jan 4
    Replying to

    So, when I was making the comment above yesterday, I only knew about XSA 253 (which doesn't affect Qubes), no details on XSA 254 was discussed on Xen pre-disclosure list back then...

    1 reply 2 likes
  9. 28 Nov 2017

    Qubes Security Bulletin #36: Xen hypervisor issue in populate-on-demand code (XSA-247)

    8 retweets 22 likes
  10. 25 Oct 2017

    Qubes Security Bulletin #35: Xen hypervisor issue related to grant tables (XSA-236)

    18 retweets 33 likes
  11. 12 Sep 2017

    Qubes Security Bulletin #33: Xen hypervisor (XSA-231 through XSA-234)

    23 retweets 39 likes
  12. 15 Aug 2017

    Qubes Security Bulletin #32: Xen hypervisor and Linux kernel vulnerabilities (XSA-226 through XSA-230):

    27 retweets 50 likes
  13. 20 Jun 2017

    Qubes Security Bulletin #31: Several Xen bugs, practical impact unclear (XSA 216-224):

    37 retweets 37 likes
  14. 2 May 2017

    Qubes Security Bulletin #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214)

    2 replies 64 retweets 65 likes
  15. 11 Apr 2017
    Replying to and

    And qubes is a glorified xen instance? I'm pretty sure grsec/apparmor has a way better track record than xen. How many xsa's this year? ;D

    2 replies 5 likes
  16. 28 Mar 2017

    XSA-206 does *not* affect the security of Qubes OS, and no user action is necessary. View on the XSA tracker:

    12 retweets 23 likes
  17. 22 Mar 2017
    Replying to

    Yeah, the point was to show how much Xen bugs affect Qubes OS on average. AKA: how often to panic when new XSA comes out ;)

    2 retweets
  18. 12 Aug 2016
    Replying to

    But XSA 148 & 182 were fatal inded and so we're going to ditch PV in Qubes 4. See

    5 retweets 3 likes
  19. 5 Aug 2016

    How to exploit a Xen guest-to-host bug – XSA-182 aka CVE-2016-6258 – and screw over a Qubes OS box

    3 retweets
  20. 5 Aug 2016

    readings: Xen exploitation part 3: XSA-182, Qubes escape , see more

    1 retweet 4 likes

No results.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.