qubes-doc/en/security/security-bulletins.md

---
layout: doc
title: Security Bulletins
permalink: /en/doc/security-bulletins/
redirect_from: 
- /doc/SecurityBulletins/
- /wiki/SecurityBulletins/
- /trac/wiki/SecurityBulletins/
---

Qubes Security Bulletins
========================

Qubes Security Bulletins are published through the [Qubes Security Pack](/en/doc/security-pack/).

2010
----

-   None

2011
----

-   [Qubes Security Bulletin \#01](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-001-2011.txt) (Gui daemon bug, Intel VT-d escape on non-IR hardware)

2012
----

-   [Qubes Security Bulletin \#02](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-002-2012.txt) (Intel SYSRET bug)
-   [Qubes Security Bulletin \#03](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-003-2012.txt) (Xen hypervisor bugs: XSA 13, others with DoS potential)
-   [Qubes Security Bulletin \#04](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-004-2012.txt) (Qubes firewall misconfiguration: ipv6 allowed)
-   [Qubes Security Bulletin \#05](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-005-2012.txt) (Xen hypervisor bugs: XSA 29, others with DoS potential)

2013
----

-   [Qubes Security Bulletin \#06](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-006-2013.txt) (Xen hypervisor bugs: XSA 50, others with DoS potential)
-   [Qubes Security Bulletin \#07](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-007-2013.txt) (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks)
-   [Qubes Security Bulletin \#08](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-008-2013.txt) (Xen hypervisor bugs: XSA 45,58 potential DoS)

2014
----

-   [Qubes Security Bulletin \#09](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-009-2014.txt) (Qubes qvm-open-in-[d]vm environment inter-VM leak)
-   [Qubes Security Bulletin \#10](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-010-2014.txt) (Qubes pulseaudio & vchan bugs, Xen XSA 87)
-   [Qubes Security Bulletin \#11](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-011-2014.txt) (Qubes clipboard inter-VM leak)
-   [Qubes Security Bulletin \#12](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-012-2014.txt) (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108))

2015
----

-   [Qubes Security Bulletin \#13](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-013-2015.txt) (Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsistency)
-   [Qubes Security Bulletin \#14](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-014-2015.txt) (Race condition in Qubes Inter-VM File-Copy Mechanism)
-   [Qubes Security Bulletin \#15](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-015-2015.txt) (Critical Xen Hypervisor Vulnerability (XSA 109))
SecurityBulletins changed Initial version 2012-06-12 05:01:41 -04:00			`---`
wiki -> doc migration 2015-04-10 16:17:45 -04:00			`layout: doc`
Update page titles from CamelCase to lowercase-hyphen-separated (closes QubesOS/qubes-issues#1205) 2015-10-13 23:31:03 -04:00			`title: Security Bulletins`
Change URIs from CamelCase to lowercase-hyphen-separated 2015-10-11 03:04:59 -04:00			`permalink: /en/doc/security-bulletins/`
Supporting more old trac links for backward compatibility in QSB. 2015-07-17 18:46:04 -04:00			`redirect_from:`
Change URIs from CamelCase to lowercase-hyphen-separated 2015-10-11 03:04:59 -04:00			`- /doc/SecurityBulletins/`
Supporting more old trac links for backward compatibility in QSB. 2015-07-17 18:46:04 -04:00			`- /wiki/SecurityBulletins/`
			`- /trac/wiki/SecurityBulletins/`
SecurityBulletins changed Initial version 2012-06-12 05:01:41 -04:00			`---`

			`Qubes Security Bulletins`
			`========================`

Change URIs from CamelCase to lowercase-hyphen-separated 2015-10-11 03:04:59 -04:00			`Qubes Security Bulletins are published through the [Qubes Security Pack](/en/doc/security-pack/).`
SecurityBulletins changed Added link to SecurityPack 2015-01-14 07:24:23 -05:00
SecurityBulletins changed Initial version 2012-06-12 05:01:41 -04:00			`2010`
			`----`

SecurityBulletins changed Corected link to QSB #2, added "None" to 2010 2012-06-15 06:36:15 -04:00			`- None`

SecurityBulletins changed Initial version 2012-06-12 05:01:41 -04:00			`2011`
			`----`

Remove zero-width spaces (U+200B) left by trac 2015-05-08 09:17:21 -04:00			`- [Qubes Security Bulletin \#01](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-001-2011.txt) (Gui daemon bug, Intel VT-d escape on non-IR hardware)`
SecurityBulletins changed Initial version 2012-06-12 05:01:41 -04:00
			`2012`
			`----`
SecurityBulletins changed Added link to QSB #2 2012-06-12 08:19:24 -04:00
Remove zero-width spaces (U+200B) left by trac 2015-05-08 09:17:21 -04:00			`- [Qubes Security Bulletin \#02](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-002-2012.txt) (Intel SYSRET bug)`
			`- [Qubes Security Bulletin \#03](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-003-2012.txt) (Xen hypervisor bugs: XSA 13, others with DoS potential)`
			`- [Qubes Security Bulletin \#04](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-004-2012.txt) (Qubes firewall misconfiguration: ipv6 allowed)`
			`- [Qubes Security Bulletin \#05](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-005-2012.txt) (Xen hypervisor bugs: XSA 29, others with DoS potential)`
SecurityBulletins changed Added link to QSB #2 2012-06-12 08:19:24 -04:00
SecurityBulletins changed Added link to QBS #6 2013-05-07 04:13:50 -04:00			`2013`
			`----`

Remove zero-width spaces (U+200B) left by trac 2015-05-08 09:17:21 -04:00			`- [Qubes Security Bulletin \#06](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-006-2013.txt) (Xen hypervisor bugs: XSA 50, others with DoS potential)`
			`- [Qubes Security Bulletin \#07](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-007-2013.txt) (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks)`
			`- [Qubes Security Bulletin \#08](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-008-2013.txt) (Xen hypervisor bugs: XSA 45,58 potential DoS)`
SecurityBulletins changed Added link to QBS #6 2013-05-07 04:13:50 -04:00
SecurityBulletins changed Added QSB #9 2014-01-09 12:19:34 -05:00			`2014`
			`----`

Remove zero-width spaces (U+200B) left by trac 2015-05-08 09:17:21 -04:00			`- [Qubes Security Bulletin \#09](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-009-2014.txt) (Qubes qvm-open-in-[d]vm environment inter-VM leak)`
			`- [Qubes Security Bulletin \#10](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-010-2014.txt) (Qubes pulseaudio & vchan bugs, Xen XSA 87)`
			`- [Qubes Security Bulletin \#11](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-011-2014.txt) (Qubes clipboard inter-VM leak)`
			`- [Qubes Security Bulletin \#12](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-012-2014.txt) (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108))`
SecurityBulletins changed Updated old links, made numbering consistent, and added most recent QSB 2015-01-14 07:30:07 -05:00
			`2015`
			`----`

Remove zero-width spaces (U+200B) left by trac 2015-05-08 09:17:21 -04:00			`- [Qubes Security Bulletin \#13](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-013-2015.txt) (Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsistency)`
			`- [Qubes Security Bulletin \#14](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-014-2015.txt) (Race condition in Qubes Inter-VM File-Copy Mechanism)`
			`- [Qubes Security Bulletin \#15](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-015-2015.txt) (Critical Xen Hypervisor Vulnerability (XSA 109))`
SecurityBulletins changed Added QSB #9 2014-01-09 12:19:34 -05:00