qubes-doc/SecurityBulletins.md
Joanna Rutkowska dc4535717e SecurityBulletins changed
Added QSB12
2014-10-01 12:15:02 +00:00

43 lines
2.1 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: wiki
title: SecurityBulletins
permalink: /wiki/SecurityBulletins/
---
Qubes Security Bulletins
========================
2010
----
- None
2011
----
- [Qubes Security Bulletin \#1](https://groups.google.com/d/msg/qubes-devel/kRQSQircYKk/KW1lihKLFjYJ) (Gui daemon bug, Intel VT-d escape on non-IR hardware)
2012
----
- [Qubes Security Bulletin \#2](https://groups.google.com/d/msg/qubes-devel/JIpZoQUP6dQ/g6TvtpUHzBQJ) (Intel SYSRET bug)
- [Qubes Security Bulletin \#3](https://groups.google.com/d/msg/qubes-devel/KM1jMCE5SZM/La350T7h7C0J) (Xen hypervisor bugs: XSA 13, others with DoS potential)
- [Qubes Security Bulletin \#4](https://groups.google.com/d/msg/qubes-devel/0y8ikKy5l7c/sME-x9Ov7CgJ) (Qubes firewall misconfiguration: ipv6 allowed)
- [Qubes Security Bulletin \#5](https://groups.google.com/d/msg/qubes-devel/pXADmQOMmvo/VSdk2IDk0a0J) (Xen hypervisor bugs: XSA 29, others with DoS potential)
2013
----
- [Qubes Security Bulletin \#6](https://groups.google.com/d/msg/qubes-devel/UirCw7R3Muo/muBA8UixL54J) (Xen hypervisor bugs: XSA 50, others with DoS potential)
- [Qubes Security Bulletin \#7](https://groups.google.com/d/msg/qubes-devel/KqZdbcgkTGU/YaTwNcQhcrgJ) (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks)
- [Qubes Security Bulletin \#8](https://groups.google.com/d/msg/qubes-devel/xj9KAW5inQc/YOrhOAQ7HU0J) (Xen hypervisor bugs: XSA 45,58 potential DoS)
2014
----
- [Qubes Security Bulletin \#9](https://groups.google.com/d/msg/qubes-devel/XgTo6L8-5XA/JLOadvBqnqMJ) (Qubes qvm-open-in-[d]vm environment inter-VM leak)
- [Qubes Security Bulletin \#10](https://groups.google.com/d/msg/qubes-devel/VO1URqYWbok/8vp-VnE7iXEJ) (Qubes pulseaudio & vchan bugs, Xen XSA 87)
- [Qubes Security Bulletin \#11](https://groups.google.com/d/msg/qubes-devel/QHXI0qXAPhk/gSF7m4KD37QJ) (Qubes clipboard inter-VM leak)
- [Qubes Security Bulletin \#12](https://groups.google.com/d/msg/qubes-devel/HgQ_aWt-EBU/8VWzu2IrQdQJ) (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108))