qubes-doc/security-info/security.md

55 lines
2.1 KiB
Markdown
Raw Normal View History

2017-03-18 22:31:12 -04:00
---
layout: default
title: Security
permalink: /security/
redirect_from:
- /en/security/
- /en/doc/security/
- /en/doc/qubes-security/
- /doc/QubesSecurity/
- /wiki/QubesSecurity/
- /en/doc/security-page/
- /doc/SecurityPage/
- /wiki/SecurityPage/
- /trac/wiki/SecurityPage/
---
Qubes OS Project Security Center
================================
- [Security Goals](/security/goals/)
- [Security Pack](/security/pack/)
- [Security Bulletins](/security/bulletins/)
- [Canaries](/security/canaries/)
- [Xen Security Advisory (XSA) Tracker](/security/xsa/)
- [Why and How to Verify Signatures](/security/verifying-signatures/)
- [PGP Keys](http://keys.qubes-os.org/keys/)
Reporting Security Issues in Qubes OS
-------------------------------------
2017-04-17 20:18:46 -04:00
If you believe you have found a security issue affecting Qubes OS, either directly or indirectly (e.g. the issue affects Xen in a configuration that is used in Qubes OS), then we would be more than happy to hear from you!
2017-03-18 22:31:12 -04:00
We promise to treat any reported issue seriously and, if the investigation confirms it affects Qubes, to patch it within a reasonable time, release a public Security Bulletin that describes the issue, discuss potential impact of the vulnerability, reference applicable patches or workarounds, and credit the discoverer.
2017-03-18 22:31:12 -04:00
The list of all Qubes Security Advisories published so far can be found [here](/security/bulletins/).
The Qubes Security Team
-----------------------
The Qubes Security Team can be contacted via email using the following address:
~~~
security at qubes-os dot org
~~~
### Qubes Security Team GPG Key ###
Please use [this GPG key](http://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) to encrypt any emails sent to this address. Like all GPG keys used by the Qubes project, this key is signed by the Qubes Master key. Please see [this page](/security/verifying-signatures/) for more information on how to verify the keys.
2017-03-18 22:31:12 -04:00
### Members of the Security Team ###
- Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
- Marek Marczykowski \<marmarek at invisiblethingslab dot com\>