2012-06-12 05:01:41 -04:00
|
|
|
---
|
2015-04-10 16:17:45 -04:00
|
|
|
layout: doc
|
2012-06-12 05:01:41 -04:00
|
|
|
title: SecurityBulletins
|
2015-04-10 16:17:45 -04:00
|
|
|
permalink: /doc/SecurityBulletins/
|
2015-07-17 18:46:04 -04:00
|
|
|
redirect_from:
|
|
|
|
- /wiki/SecurityBulletins/
|
|
|
|
- /trac/wiki/SecurityBulletins/
|
2012-06-12 05:01:41 -04:00
|
|
|
---
|
|
|
|
|
|
|
|
Qubes Security Bulletins
|
|
|
|
========================
|
|
|
|
|
2015-05-08 11:42:43 -04:00
|
|
|
Qubes Security Bulletins are published through the [Qubes Security Pack](/doc/SecurityPack/).
|
2015-01-14 07:24:23 -05:00
|
|
|
|
2012-06-12 05:01:41 -04:00
|
|
|
2010
|
|
|
|
----
|
|
|
|
|
2012-06-15 06:36:15 -04:00
|
|
|
- None
|
|
|
|
|
2012-06-12 05:01:41 -04:00
|
|
|
2011
|
|
|
|
----
|
|
|
|
|
2015-05-08 09:17:21 -04:00
|
|
|
- [Qubes Security Bulletin \#01](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-001-2011.txt) (Gui daemon bug, Intel VT-d escape on non-IR hardware)
|
2012-06-12 05:01:41 -04:00
|
|
|
|
|
|
|
2012
|
|
|
|
----
|
2012-06-12 08:19:24 -04:00
|
|
|
|
2015-05-08 09:17:21 -04:00
|
|
|
- [Qubes Security Bulletin \#02](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-002-2012.txt) (Intel SYSRET bug)
|
|
|
|
- [Qubes Security Bulletin \#03](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-003-2012.txt) (Xen hypervisor bugs: XSA 13, others with DoS potential)
|
|
|
|
- [Qubes Security Bulletin \#04](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-004-2012.txt) (Qubes firewall misconfiguration: ipv6 allowed)
|
|
|
|
- [Qubes Security Bulletin \#05](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-005-2012.txt) (Xen hypervisor bugs: XSA 29, others with DoS potential)
|
2012-06-12 08:19:24 -04:00
|
|
|
|
2013-05-07 04:13:50 -04:00
|
|
|
2013
|
|
|
|
----
|
|
|
|
|
2015-05-08 09:17:21 -04:00
|
|
|
- [Qubes Security Bulletin \#06](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-006-2013.txt) (Xen hypervisor bugs: XSA 50, others with DoS potential)
|
|
|
|
- [Qubes Security Bulletin \#07](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-007-2013.txt) (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks)
|
|
|
|
- [Qubes Security Bulletin \#08](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-008-2013.txt) (Xen hypervisor bugs: XSA 45,58 potential DoS)
|
2013-05-07 04:13:50 -04:00
|
|
|
|
2014-01-09 12:19:34 -05:00
|
|
|
2014
|
|
|
|
----
|
|
|
|
|
2015-05-08 09:17:21 -04:00
|
|
|
- [Qubes Security Bulletin \#09](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-009-2014.txt) (Qubes qvm-open-in-[d]vm environment inter-VM leak)
|
|
|
|
- [Qubes Security Bulletin \#10](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-010-2014.txt) (Qubes pulseaudio & vchan bugs, Xen XSA 87)
|
|
|
|
- [Qubes Security Bulletin \#11](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-011-2014.txt) (Qubes clipboard inter-VM leak)
|
|
|
|
- [Qubes Security Bulletin \#12](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-012-2014.txt) (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108))
|
2015-01-14 07:30:07 -05:00
|
|
|
|
|
|
|
2015
|
|
|
|
----
|
|
|
|
|
2015-05-08 09:17:21 -04:00
|
|
|
- [Qubes Security Bulletin \#13](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-013-2015.txt) (Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsistency)
|
|
|
|
- [Qubes Security Bulletin \#14](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-014-2015.txt) (Race condition in Qubes Inter-VM File-Copy Mechanism)
|
|
|
|
- [Qubes Security Bulletin \#15](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-015-2015.txt) (Critical Xen Hypervisor Vulnerability (XSA 109))
|
2014-01-09 12:19:34 -05:00
|
|
|
|