Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-12-26 07:49:34 -05:00
Code Issues Packages Projects Releases Wiki Activity

Create XSA Tracker page (QubesOS/qubes-issues#2703)

Browse Source
This commit is contained in:
Andrew David Wong 2017-03-18 19:30:04 -07:00
parent 4879fafca1
commit 8f7f93e484
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
1 changed files with 75 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
security-info/xsa.html Normal file
View File

@ -0,0 +1,75 @@
---
layout: security
title: Xen Security Advisory (XSA) Tracker
permalink: /security/xsa/
---
<h1>Xen Security Advisory (XSA) Tracker</h1>
<p>
<b>Notice:</b> This page is still under construction.
Until this notice is removed, the information below may not be accurate.
We appreciate your patience.
</p>
<p>
This tracker shows whether Qubes OS is affected by any given <a href="https://xenbits.xen.org/xsa/" title="Xen Security Advisory (XSA)">Xen Security Advisory (XSA)</a>.
Shortly after a new XSA is published, we will add a new row to this tracker.
Whenever Qubes is significantly affected by an XSA, a <a href="/security/bulletins/" title="Qubes Security Bulletin (QSB)">Qubes Security Bulletin (QSB)</a> is published, and a link to that QSB is added to the row for the associated XSA.
</p>
<p>
Under the "Is Qubes Affected?" column, there are two possible values: <b>Yes</b> or <b>No</b>.
<ul>
<li><b>Yes</b> means that the <em>security</em> of Qubes OS <em>is</em> affected.</li>
<li><b>No</b> means that the <em>security</em> of Qubes OS is <em>not</em> affected.</li>
</ul>
<b>Note:</b> For the purpose of this tracker, we do <em>not</em> classify mere <a href="https://en.wikipedia.org/wiki/Denial-of-service_attack">denial-of-service (DoS) attacks</a> as affecting the <em>security</em> of Qubes OS.
Therefore, if an XSA pertains <em>only</em> to DoS attacks against Qubes, the value in this column will be <b>No</b>.
</p>
<table>
<tr>
<th title="Anchor Link"><span class="fa fa-link"></span></th>
<th title="Xen Security Advisory">XSA</th>
<th>Is Qubes Affected?</th>
<th title="Qubes Security Bulletin">QSB</th>
<th>Comments</th>
</tr>
{% for xsa in site.data.xsa %}
<tr id="{{ xsa.xsa }}">
<td><a href="#{{ xsa.xsa }}" class="fa fa-link black-icon" title="Anchor link to tracker row: XSA-{{ xsa.xsa}}"></a></td>
<td>
{% if xsa.xsa <= 25 %}
<a href="https://wiki.xenproject.org/wiki/Security_Announcements_(Historical)" title="Xen Security Advisory {{ xsa.xsa }}">XSA-{{ xsa.xsa }}&nbsp;<span class="fa fa-external-link"></span></a>
{% else %}
<a href="https://xenbits.xen.org/xsa/advisory-{{ xsa.xsa }}.html" title="Xen Security Advisory {{ xsa.xsa }}">XSA-{{ xsa.xsa }}&nbsp;<span class="fa fa-external-link"></span></a>
{% endif %}
</td>
<td>
{% if xsa.affected == false %}
<abbr title="No, the security of Qubes OS is not affected by this XSA.">No</abbr>
{% elsif xsa.affected == true %}
<abbr title="Yes, the security of Qubes OS is affected by this XSA.">Yes</abbr>
{% else %}
{% endif %}
</td>
<td>
{% if xsa.qsb %}
<a href="https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-{{ xsa.qsb }}.txt" title="Qubes Security Bulletin {{ xsa.qsb }}">QSB-{{ xsa.qsb }}&nbsp;<span class="fa fa-external-link"></span></a>
{% else %}
<abbr title="Not Applicable">N/A</abbr>
{% endif %}
</td>
<td>
{% if xsa.comments %}
{{ xsa.comments }}
{% elsif xsa.qsb %}
See QSB for details
{% else %}
None
{% endif %}
</td>
</tr>
{% endfor %}
</table>