diff --git a/SecurityBulletins.md b/SecurityBulletins.md index 1f62f49c..a64d02fa 100644 --- a/SecurityBulletins.md +++ b/SecurityBulletins.md @@ -17,28 +17,33 @@ Qubes Security Bulletins are published through the [Qubes Security Pack](/wiki/S 2011 ---- -- [​Qubes Security Bulletin \#1](https://groups.google.com/d/msg/qubes-devel/kRQSQircYKk/KW1lihKLFjYJ) (Gui daemon bug, Intel VT-d escape on non-IR hardware) +- [​Qubes Security Bulletin \#01](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-001-2011.txt) (Gui daemon bug, Intel VT-d escape on non-IR hardware) 2012 ---- -- [​Qubes Security Bulletin \#2](https://groups.google.com/d/msg/qubes-devel/JIpZoQUP6dQ/g6TvtpUHzBQJ) (Intel SYSRET bug) -- [​Qubes Security Bulletin \#3](https://groups.google.com/d/msg/qubes-devel/KM1jMCE5SZM/La350T7h7C0J) (Xen hypervisor bugs: XSA 13, others with DoS potential) -- [​Qubes Security Bulletin \#4](https://groups.google.com/d/msg/qubes-devel/0y8ikKy5l7c/sME-x9Ov7CgJ) (Qubes firewall misconfiguration: ipv6 allowed) -- [​Qubes Security Bulletin \#5](https://groups.google.com/d/msg/qubes-devel/pXADmQOMmvo/VSdk2IDk0a0J) (Xen hypervisor bugs: XSA 29, others with DoS potential) +- [​Qubes Security Bulletin \#02](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-002-2012.txt) (Intel SYSRET bug) +- [​Qubes Security Bulletin \#03](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-003-2012.txt) (Xen hypervisor bugs: XSA 13, others with DoS potential) +- [​Qubes Security Bulletin \#04](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-004-2012.txt) (Qubes firewall misconfiguration: ipv6 allowed) +- [​Qubes Security Bulletin \#05](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-005-2012.txt) (Xen hypervisor bugs: XSA 29, others with DoS potential) 2013 ---- -- [​Qubes Security Bulletin \#6](https://groups.google.com/d/msg/qubes-devel/UirCw7R3Muo/muBA8UixL54J) (Xen hypervisor bugs: XSA 50, others with DoS potential) -- [​Qubes Security Bulletin \#7](https://groups.google.com/d/msg/qubes-devel/KqZdbcgkTGU/YaTwNcQhcrgJ) (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks) -- [​Qubes Security Bulletin \#8](https://groups.google.com/d/msg/qubes-devel/xj9KAW5inQc/YOrhOAQ7HU0J) (Xen hypervisor bugs: XSA 45,58 potential DoS) +- [​Qubes Security Bulletin \#06](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-006-2013.txt) (Xen hypervisor bugs: XSA 50, others with DoS potential) +- [​Qubes Security Bulletin \#07](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-007-2013.txt) (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks) +- [​Qubes Security Bulletin \#08](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-008-2013.txt) (Xen hypervisor bugs: XSA 45,58 potential DoS) 2014 ---- -- [​Qubes Security Bulletin \#9](https://groups.google.com/d/msg/qubes-devel/XgTo6L8-5XA/JLOadvBqnqMJ) (Qubes qvm-open-in-[d]vm environment inter-VM leak) -- [​Qubes Security Bulletin \#10](https://groups.google.com/d/msg/qubes-devel/VO1URqYWbok/8vp-VnE7iXEJ) (Qubes pulseaudio & vchan bugs, Xen XSA 87) -- [​Qubes Security Bulletin \#11](https://groups.google.com/d/msg/qubes-devel/QHXI0qXAPhk/gSF7m4KD37QJ) (Qubes clipboard inter-VM leak) -- [​Qubes Security Bulletin \#12](https://groups.google.com/d/msg/qubes-devel/HgQ_aWt-EBU/8VWzu2IrQdQJ) (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108)) +- [​Qubes Security Bulletin \#09](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-009-2014.txt) (Qubes qvm-open-in-[d]vm environment inter-VM leak) +- [​Qubes Security Bulletin \#10](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-010-2014.txt) (Qubes pulseaudio & vchan bugs, Xen XSA 87) +- [​Qubes Security Bulletin \#11](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-011-2014.txt) (Qubes clipboard inter-VM leak) +- [​Qubes Security Bulletin \#12](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-012-2014.txt) (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108)) + +2015 +---- + +- [​Qubes Security Bulletin \#13](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-013-2015.txt) (Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsistency)