[qubes-users] Qubes OS 4.2.0-rc5 is available for testing

Dear Qubes Community, We're pleased to announce that the fifth [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). The ISO and associated [verification

[qubes-users] QSB-097: "Reptar" Intel redundant prefix vulnerability

imon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan N

[qubes-users] XSAs released on 2023-11-14

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected* by at least one of these XSAs. ## XSAs that DO affect the security of Qubes OS The following XSAs *do

[qubes-users] QSB-096: BTC/SRSO fixes not fully effective (XSA-446)

gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)"

Re: [qubes-users] Fedora 37 approaching EOL

On 10/22/23 8:31 AM, Ulrich Windl (Google) wrote: > Hi! > > Wondering about "Dom0 upgraded to Fedora 37 > (#6982[https://github.com/QubesOS/qubes-issues/issues/6982])": > Is it planned to upgrade before final release? > > Regards, > Ulrich > No, please see our note on dom0 and EOL:

[qubes-users] Qubes OS 4.2.0-rc4 is available for testing

Dear Qubes Community, We're pleased to announce that the fourth [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). The ISO and associated [verification

[qubes-users] Fedora 37 approaching EOL

Dear Qubes Community, Fedora 37 is currently [scheduled](https://fedorapeople.org/groups/schedule/f-39/f-39-key-tasks.html) to reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2023-11-21. We strongly recommend that all users

[qubes-users] XSAs released on 2023-10-10

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-users] QSB-095: Missing IOMMU TLB flushing on x86 AMD systems

ecked due to a missing key gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key

[qubes-users] XSAs released on 2023-09-25

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-users] QSB-094: x86/AMD: Divide speculative information leak

216CE09C093C: 1 signature not checked due to a missing key gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not chec

Re: [qubes-users] Update problem with a 'debian-12-minimal' based template

On 9/26/23 10:29 PM, Viktor Ransmayr wrote: > Hello community, > > I've started to update my Debian-based VMs from 11 to 12. > > As part of this exercise, I also switched from 'debian-11' to > 'debian-12-minimal' as the initial template to clone from. > > In general I'm quite happy with the

[qubes-users] XSAs released on 2023-09-20

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-users] Tickets for Qubes OS Summit 2023 are now available!

Dear Qubes Community, The following announcement is from 3mdeb: [](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023-tickets.png) We have options for

[qubes-users] Qubes Canary 036

" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing

Re: [qubes-users] Re: The NitroPC Pro is Qubes-certified!

On 9/7/23 1:38 PM, Leo28C wrote: > Is it "not certified" as in it doesn't run at all, or is it just to stop > people from paying an extra 3 grand when the OS is software-rendered? > When Nitrokey asked for the NitroPC Pro to be Qubes-certified, they did not ask for any discrete graphics

[qubes-users] Re: The NitroPC Pro is Qubes-certified!

On 9/6/23 10:57 AM, Andrew David Wong wrote: > Dear Qubes Community, > > It is our pleasure to announce that the [NitroPC > Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523) is [officially > certified](https://www.qubes-os.org/doc/certified-hardware/) for Qubes

[qubes-users] XSAs released on 2023-09-05

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-users] Qubes OS 4.2.0-rc3 is available for testing

Dear Qubes Community, We're pleased to announce that the third [release candidate (RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). The ISO and associated [verification

Re: [qubes-users] Error installing Debian-12 template

On 8/28/23 1:53 PM, Ulrich Windl wrote: > Hi! > > Following the instructions at > https://www.qubes-os.org/doc/templates/debian/#installing I repeatedly got > this error messages: > > $ sudo qubes-dom0-update qubes-template-debian-12 > Redirecting to 'qvm-template install  debian-12' >

[qubes-users] Qubes OS 4.2.0-rc2 is available for testing

Dear Qubes Community, We're pleased to announce that the second [release candidate](#what-is-a-release-candidate) (RC) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). Qubes 4.2.0-rc2 is available on the [downloads](https://www.qubes-os.org/downloads/)

[qubes-users] Re: Debian 12 templates available

> [supported template releases] Link: https://www.qubes-os.org/doc/supported-releases/#templates -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Debian 12 templates available

Dear Qubes Community, The following new templates are now available: *Qube OS 4.1* - Debian 12 - Debian 12 [minimal](https://www.qubes-os.org/doc/templates/minimal/) *Qubes OS 4.2-rc1* - Debian 12 - Debian 12 [minimal](https://www.qubes-os.org/doc/templates/minimal/) - Debian 12

Re: [qubes-users] "GVFS is not available"

On 8/27/23 10:43 AM, Demi Marie Obenour wrote: > On Sat, Aug 26, 2023 at 10:39:22PM -0700, Andrew David Wong wrote: >> On 8/26/23 8:55 AM, ales...@magenta.de wrote: >>> Steve Coleman: >>>> >>>> >>>> On Sat, Aug 12, 2023, 12:54 PM >

Re: [qubes-users] "GVFS is not available"

On 8/26/23 8:55 AM, ales...@magenta.de wrote: > Steve Coleman: >> >> >> On Sat, Aug 12, 2023, 12:54 PM > > wrote: >> >>     ales...@magenta.de : >> > I am using a fresh installation of Qubes 4.1.1. >> > >> > When I use the File

[qubes-users] CORRECTION: Qubes OS Summit 2023: OCTOBER 6-8 in Berlin

Dear Qubes Community, _My apologies for the incorrect subject line in my previous email. The correct month is OCTOBER, not September!_ In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes OS Summit will be held live this year from October 6 to 8 in Berlin, Germany!

[qubes-users] Qubes OS Summit 2023: September 6-8 in Berlin

Dear Qubes Community, In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes OS Summit will be held live this year from October 6 to 8 in Berlin, Germany! For more information about this event, including the CFP (which is open until October 2), please see:

[qubes-users] XSAs released on 2023-08-08

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-users] QSB-093: Transient execution vulnerabilities in AMD and Intel CPUs

Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (

[qubes-users] Changing the way we use milestones in the issue tracker

## Summary Issues will no longer be assigned to milestones by default. Most issues won't have milestones. The Qubes developers will manually assign issues to milestones. We'll use labels like "affects-4.1" and "affects-4.2" to represent affected releases instead of milestones. The "Release

[qubes-users] QSB-092: Buffer overrun in Linux netback driver (XSA-432)

uot;HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentatio

[qubes-users] Update for QSB-090: Zenbleed (CVE-2023-20593, XSA-433)

key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "

[qubes-users] XSAs released on 2023-08-01

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

Re: [qubes-users] Disabling Hibernation universally

On 7/29/23 8:48 AM, ales...@magenta.de wrote: > I am still in the process of configuring Qubes (4.1.1). I am trying now to > disable Hibernation at all level of the system. > > I couldn't find any reference of Hibernation in the official documentation or > the Wiki. Could someone describe the

[qubes-users] QSB-091: Windows PV drivers potentially compromised

"Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan

[qubes-users] XSAs released on 2023-07-24

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-users] QSB-090: Zenbleed (CVE-2023-20593, XSA-433)

to a missing key gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A

Re: [qubes-users] QubesIncoming folder in /tmp ??

On 6/30/23 3:27 AM, haaber wrote: > Hi I was wondering if it would not me preferable (at least in some VM's) > to delocalise the QubesIncoming folder in /tmp to have it "cleaned up" > regularly. It's a pain to do so manually. Is there a problem doing so ?  > What would be the cleanest way to do

Re: [qubes-users] split firefox & thunderbird credentials?

On 6/22/23 7:38 AM, haaber wrote: > I was wondering if the awesome split-ssh and split-gpg  family could be > extended by a split-mozilla brother, that outsources passwords to vault > without exposing them? The lack of such a feature obliges me *not* to > save them within the two apps, which is a

Re: [qubes-users] Q4.1 xfce - "clicks in the void"

On 6/5/23 3:39 AM, haaber wrote: > I often experience clicks that get lost "in the void" meaning that the > actual xfce windows does not seem to receive them. > > Typical example: I use firefox, and a noscript pop-up ("load > anonymously") with a button to click on: but I can't. What helps then,

[qubes-users] Qubes OS 4.2.0-rc1 is available for testing

Dear Qubes Community, We're pleased to announce that the first [release candidate](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for [testing](https://www.qubes-os.org/doc/testing/). This [minor release](#what-is-a-minor-release) includes several new features and

[qubes-users] Qubes Canary 035

rted gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gp

[qubes-users] XSAs released on 2023-05-16

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

Re: [qubes-users] Best practice VPN in Qubes

On 5/13/23 7:33 AM, taran1s wrote: > > > Demi Marie Obenour: >> On Sat, May 13, 2023 at 10:57:00AM +, Qubes OS Users Mailing List wrote: >>> Andrew David Wong: >>>> On 5/12/23 4:31 AM, 'taran1s' via qubes-users wrote: >>>>> If anon-whoni

Re: [qubes-users] Best practice VPN in Qubes

On 5/12/23 4:31 AM, 'taran1s' via qubes-users wrote: > If anon-whonix AppVM is set to use mullvad-VPN that is connected to > sys-whonix it doesn't connect to internet. If one uses Debian or Fedora based > AppVM and runs vanilla Firefox, it works like a breeze. > > Any ideas how to solve this? >

Re: [qubes-users] Re: QSB-089: Qrexec: Memory corruption in service request handling

On 5/11/23 11:00 PM, Vít Šesták wrote: > If the process is not reused, just an update without restarting anything is > enough, isn't it? (This wouldn't be the case if the process was forking > from a zygote.) Marek has previously told me that only Xen and Kernel updates require a reboot. FWIW,

[qubes-users] Fedora 36 reaches EOL on 2023-05-16

Dear Qubes Community, The Fedora Project has [announced](https://lists.fedoraproject.org/archives/list/annou...@lists.fedoraproject.org/thread/4GXBZJSGQ2PEKIBM2APCTLXBS6IDKSOP/) that Fedora 36 will reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2023-05-16. We

[qubes-users] QSB-089: Qrexec: Memory corruption in service request handling

09C093C: public key "HW42 (Qubes Signing Key)" imported gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David

Re: [qubes-users] Colourful prompt

On 5/3/23 4:02 AM, Qubes wrote: > I have noticed on Fedora, the cli prompt itself is not colourful although the > rest of the output is. Is there a way to get the prompt itself in colour as > well? The prompt on Debian is in colour, it makes it easier to find things > when the prompt is in

Re: [qubes-users] The NovaCustom NV41 Series laptop is Qubes-certified!

On 5/3/23 8:30 AM, Leo28C wrote: > On Wed, May 3, 2023 at 5:12 AM Andrew David Wong wrote: > >> nor can we control whether physical hardware is modified (whether >> maliciously or otherwise) *en route* to the user. >> > > Actually you could: > > 1)

[qubes-users] The NovaCustom NV41 Series laptop is Qubes-certified!

Dear Qubes Community, It is our pleasure to announce that the [NovaCustom NV41 Series](https://configurelaptop.eu/nv41-series/) laptop has become the fifth [Qubes-certified computer](https://www.qubes-os.org/doc/certified-hardware/) for Qubes 4.X! ## About the NovaCustom NV41 Series The

[qubes-users] XSAs released on 2023-04-25

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

Re: [qubes-users] networking in minimal-qube ??

On 4/24/23 11:25 PM, haaber wrote: > I grabbed a debian-11-minimal, updated it & installed thunderbird into > it to have a mail-reading template. > > It worked for some hours, but now it lost network access in its AppVM's. > When I restart the same appvm with debian-11 network is back.  Do I miss

Re: [qubes-users] Odd behavior wile running two separate Whonix gateways

On 3/23/23 9:23 PM, tiesta_symonne61 via qubes-users wrote: > I'm pretty > sure the actual traffic is being routed through the correct gateways, but > my only metric for knowing that is looking at CPU usage while stressing > the connection and making sure the correct chain of net vm's light up. >

[qubes-users] QSB-088: Two Xen issues affecting PV (stub-)domains (XSA-428, XSA-429)

bes OS signing key)" imported gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website &am

[qubes-users] Marek Marczykowski-Górecki to be interviewed at Dasharo virtual event

Dear Qubes Community, Our project lead, [Marek Marczykowski-Górecki](https://www.qubes-os.org/team/#marek-marczykowski-górecki) will be interviewed tomorrow during the [Dasharo Developers vPub](https://vpub.dasharo.com/e/1/dasharo-user-group-1). This is a virtual event hosted by the

[qubes-users] The Dasharo FidelisGuard Z690 is the first Qubes-certified desktop computer!

Dear Qubes Community, It is our pleasure to announce that the [Dasharo FidelisGuard Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/) has become the fourth [Qubes-certified computer](https://www.qubes-os.org/doc/certified-hardware/) for Qubes 4.X

[qubes-users] Qubes OS 4.1.2 has been released!

Dear Qubes Community, We're pleased to announce the stable release of Qubes 4.1.2! This release aims to consolidate all the security patches, bug fixes, and upstream template OS upgrades that have occurred since the initial Qubes 4.1.0 release. Our goal is to provide a secure and convenient

Re: [qubes-users] Qubes Canary 034

On 3/3/23 1:33 AM, Cristian Margine wrote: > Hello, > You sent the wrong canary. text(it is the text from 033) The current canary > is not signed on December 04. 2022. > > > Cristian > Fixed, thank you. -- You received this message because you are subscribed to the Google Groups

[qubes-users] Re: [CORRECTED] Qubes Canary 034

Dear Qubes Community, *Editor's note*: An earlier version of this announcement mistakenly contained the text of an older canary. This has been corrected below. As always, we encourage readers to verify the cryptographic signatures on canaries, which can always be found in the [Qubes security

[qubes-users] Qubes Canary 034

Dear Qubes Community, We have published a new [Qubes canary](https://www.qubes-os.org/security/canary/). The text of this canary is reproduced below. This canary and its accompanying cryptographic signatures will always be available in the [Qubes security pack

Re: [qubes-users] HCL - Yoga 7 16IAP7

On 2/23/23 7:05 AM, disp...@proslo.dev wrote: > Empty Message > Hi there, It looks like you sent an empty message with no body text and no attachments. Did you mean to add your HCL report to this email? -- You received this message because you are subscribed to the Google Groups

[qubes-users] XSAs released on 2023-02-14

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-users] Qubes OS 4.1.2-rc1 has been released!

Dear Qubes Community, We're pleased to announce the first [release candidate](#what-is-a-release-candidate) for Qubes 4.1.2! This [patch release](#what-is-a-patch-release) aims to consolidate all the security patches, bug fixes, and upstream template OS upgrades that have occurred since prior

Re: [qubes-users] Passing a YubiKey to a VM?

On 2/7/23 12:24 PM, Ulrich Windl wrote: > How do you use a YubiKey (OpenPGP card, etc.) in Qubes OS? In case you (or anyone else reading this) has not already seen it, there is a documentation page on this: https://www.qubes-os.org/doc/yubikey/ -- You received this message because you are

Re: [qubes-users] network in template (Qubes 4.1)

On 2/1/23 12:54 PM, davaiigoo wrote: > According to the documentation, there is way to enable networking in Qubes > templates for sources other than updates from apt-get or dnf . > > https://www.qubes-os.org/doc/how-to-install-software/#installing-software-from-other-sources > > Tried different

[qubes-users] Guest post: "TrenchBoot Anti Evil Maid for Qubes OS" by Michal Zygowski of 3mdeb

Dear Qubes Community, The following is a guest post by Michal Zygowski from [3mdeb](https://3mdeb.com/) on the work they've been doing to upgrade [Anti Evil Maid (AEM)](https://www.qubes-os.org/doc/anti-evil-maid/). The original post can be found on the [3mdeb

[qubes-users] XSAs released on 2023-01-25

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-users] Support the Qubes OS Project via Proton's charity fundraiser!

Dear Qubes Community, The Qubes OS Project is grateful to have been selected as one of the beneficiaries of this year's Proton charity fundraiser alongside so many other wonderful organizations. The continued support of the privacy community means the world to us! For details about the

Re: [qubes-users] Obsidian - PKB under Q?

On 12/10/22 8:20 AM, Foilsurf wrote: > Hello, > Obsidian is quite simple tech (text-files), but quite clever for taking > notes. And run under Linux (TheBrain e.g. not any more). Additionally it > has the local principal, so it would be found a perfect place in a own VM, > I think. > Would it

[qubes-users] Fedora 35 reaches EOL on 2022-12-13

Dear Qubes Community, The Fedora Project has [announced](https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/thread/OGTVKLX7OXBYCEUQ66UY4YK3T6QHAYW5/) that Fedora 35 will reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2022-12-13. We

[qubes-users] XSAs released on 2022-12-06

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that DO affect the security of Qubes OS The

[qubes-users] Qubes Canary 033

Dear Qubes Community, We have published Qubes Canary 033. The text of this canary is reproduced below. This canary and its accompanying signatures will always be available in the Qubes security pack (qubes-secpack). View Qubes Canary 033 in the qubes-secpack:

[qubes-users] QSB-087: Qrexec: Injection of unsanitized data into log output

Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 087: Qrexec: Injection of unsanitized data into log output](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-087-2022.txt). The text of this QSB is reproduced below. This QSB and its accompanying

[qubes-users] XSAs released on 2022-11-08

Dear Qubes Community, The [Xen Project](https://xenproject.org/) has released one or more [Xen security advisories (XSAs)](https://xenbits.xen.org/xsa/). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following

[qubes-users] QSB-086: Speculative security issues on AMD CPUs (XSA-422)

Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 086: Speculative security issues on AMD CPUs (XSA-422)](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-086-2022.txt). The text of this QSB is reproduced below. This QSB and its accompanying signatures

[qubes-users] XSAs released on 2022-11-01

Dear Qubes Community, The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS *is affected*. Therefore, *user action is required*. ## XSAs that DO affect the security of Qubes OS The following XSAs *do affect* the security of Qubes OS: - XSA-414

[qubes-users] QSB-085: Xenstore: Guests can crash xenstored (XSA-414)

Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 085: Xenstore: Guests can crash xenstored (XSA-414)](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-085-2022.txt). The text of this QSB is reproduced below. This QSB and its accompanying signatures will

Re: [qubes-users] Task bar disappeared?

On 10/28/22 9:06 AM, Scat wrote: > I just had a strange experience, here is what happened: > > - My computer accidentally shut down as the computer became unplugged > - I am not sure if I accidentally hid the task bar? > > Regardless my task bar disappeared...not sure I am using the right term

[qubes-users] New user guide: How to organize your qubes

Dear Qubes Community, We have just published a new article: "New user guide: How to organize your qubes" https://www.qubes-os.org/news/2022/10/28/how-to-organize-your-qubes/ As a courtesy to plain-text email users, the plain-text source is reproduced below.

[qubes-users] XSAs released on 2022-10-11

Dear Qubes Community, The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that affect the security of Qubes OS (user action required) The following XSAs *do affect* the security of

[qubes-users] The Qubes OS Project is now accepting donations on Ethereum!

Dear Qubes Community, We are pleased to announce that the Qubes OS Project is now accepting [donations](https://www.qubes-os.org/donate/) on [Ethereum](https://ethereum.org/) (Mainnet) at the following address: ``` 0xDaa04647e8ecb616801F9bE89712771F6D291a0C ``` *Warning*: This [Gnosis

Re: [EXT] Re: [qubes-users] Installer does not work, no templates to install

On 9/16/22 5:43 AM, Demi Marie Obenour wrote: > On Fri, Sep 16, 2022 at 05:42:05AM -0700, Andrew David Wong wrote: >> On 9/15/22 12:25 AM, Demi Marie Obenour wrote: >>> On Thu, Sep 15, 2022 at 01:38:57AM +0200, Ulrich Windl wrote: >>>> On 7/31/22 15:23, 'awokd' via q

Re: [EXT] Re: [qubes-users] Installer does not work, no templates to install

On 9/15/22 12:25 AM, Demi Marie Obenour wrote: > On Thu, Sep 15, 2022 at 01:38:57AM +0200, Ulrich Windl wrote: >> On 7/31/22 15:23, 'awokd' via qubes-users wrote: >>> 'felix' via qubes-users: I want to reinstall Qubes 4.1, but I cannot select any templates in the installer.

[qubes-users] Qubes Canary 032

Dear Qubes Community, We have published Qubes Canary 032. The text of this canary is reproduced below. This canary and its accompanying signatures will always be available in the Qubes security pack (qubes-secpack). View Qubes Canary 032 in the qubes-secpack:

[qubes-users] "Qubes OS Summit: History from organizer's perspective" by Michał Żygowski

Dear Qubes Community, We've just published a new guest article by Michał Żygowski from 3mdeb about the history of Qubes OS Summits. Thanks for sharing with us today, Michał! "Qubes OS Summit: History from organizer's perspective" by Michał Żygowski

Re: [qubes-users] "Upgrading" by installing

On 9/3/22 5:56 AM, Ulrich Windl wrote: > Hi ! > > So eventually I decided to upgrade my Qubes OS installation by backup, > install, then restore. > Unfortunately I'm stuck, and here is my negative experience: > First when using a custom disk layout, i.e.: reuse VG and LV from the current >

Re: [qubes-users] Problems with debian-11 dvm

On 9/3/22 2:18 PM, Ulrich Windl wrote: > Hi! > > It seems in Qubes OS 4.0 I can't select debian-11 as template for a dvm. What > are the reasons? > > Regards, > Ulrich > Disposables cannot be based directly on regular templates. Instead, you must first create an app qube and designate it as

Re: [qubes-users] firefox-esr and brave-browser work, but firefox, nautilus, thunar, gnome-terminal, xterm do not

On 8/24/22 2:31 PM, Franz wrote: > Hello, > the following command is intended to run an application in a new DVM: > > qvm-run --dispvm=debian-11-dvm --service qubes.StartApp+ > > If in place of I put firefox-esr or brave-browser it works, the > new DVM is opened and the application works as

Re: [qubes-users] reduce font size in UI

On 8/22/22 5:42 PM, Franz wrote: > Hello, > in a higher resolution screen characters are too small in templates. > Nothing seems to work to increase the text size of the user interface, such > as the text in nautilus or bookmarks in firefox or brave-browser. > > I tried > QT_SCALE_FACTOR=1.34

Re: [qubes-users] Qubes Contrib repository

On 8/21/22 8:25 AM, Steve Coleman wrote: > On Sun, Aug 21, 2022 at 10:29 AM 'unman' via qubes-users < > qubes-users@googlegroups.com> wrote: > >> On Sat, Aug 13, 2022 at 10:02:15PM +0200, Qubes wrote: >> >> qubes-dom0-update --repo=qubes-contrib-dom0-r4.1-current --action=list >> > Q1: Is there

Re: [qubes-users] Missing data after Qubes restore from backup

On 8/14/22 8:36 AM, 'Crsi' via qubes-users wrote: > I also checked "verify backup" -- no error reported. Just to clarify, the "verify only" option simulates a restore operation without actually writing any data from the backup to disk. This has two implications: 1. This option is not at all

Re: [qubes-users] qvm-prefs default_dispvm debian-11-mu-dvm

On 8/9/22 12:40 PM, Franz wrote: > On Tue, Aug 9, 2022 at 4:33 PM Qubes wrote: > >> Franz wrote: >>> Hello, dear friends >>> >>> New installation 4.1.1 >>> >>> I am trying to set debian-11-mu-dvm as default disp vm template for the >>> whole system, but the command >>> >>> qvm-prefs

Re: [qubes-users] Install ttf-mscorefonts-installer on debian 11

On 8/9/22 7:00 AM, roger paranoia wrote: > Hello > > I would like to install ttf-mscorefonts-installer with the following > command: > > sudo apt install ttf-mscorefonts-installer > > but as it privative stuff, it is not directly available in the regular > repositories. It actually tries to

[qubes-users] QSB-084: Split GPG: GnuPG file descriptor confusion and file existence leak

Dear Qubes Community, We have just published [Qubes Security Bulletin (QSB) 084: Split GPG: GnuPG file descriptor confusion and file existence leak](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-084-2022.txt). The text of this QSB is reproduced below. This QSB and its

[qubes-users] Qubes OS 4.0 has reached EOL

Dear Qubes Community, As [previously announced](https://www.qubes-os.org/news/2022/07/04/qubes-os-4-0-eol-on-2022-08-04/), all releases in the Qubes 4.0 series (which includes the most recent 4.0.4 patch release) have officially reached EOL (end-of-life) as of today, 2022-08-04. We strongly

[qubes-users] Qubes OS Summit 2022: September 9-11 in Berlin

Dear Qubes Community, In conjunction with [3mdeb](https://3mdeb.com/), the fourth edition of our Qubes OS Summit will be held live this year from September 9 to 11 in Berlin, Germany! For more information about this event, including the CFP (which is open until August 29), please see:

[qubes-users] XSAs released on 2022-07-26

Dear Qubes Community, The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS *is not affected*. Therefore, *no user action is required*. ## XSAs that affect the security of Qubes OS (user action required) The following XSAs *do affect* the security of

Re: [qubes-users] Qubes Manager not honoring colour scheme selection

On 7/25/22 4:53 PM, 'taran1s' via qubes-users wrote: > I tried this but didn't succeed. > > sudo qubes-dom0-update qt5-qtstyleplugins > sudo qubes-dom0-update > export QT_QPA_PLATFORMTHEME=gtk2 > > cat /etc/environment QT_QPA_PLATFORMTHEME=gtk2 > cat: 'QT_QPA_PLATFORMTHEME=gtk2': No such file or

Re: [qubes-users] Qubes Manager not honoring colour scheme selection

On 7/22/22 7:07 PM, Demi Marie Obenour wrote: > [...] > > That reminds me: Marek, should we set repo_gpgcheck=1 and/or > %_pkgverify_level all in dom0, to protect against mistakes like this? FWIW: https://github.com/QubesOS/qubes-issues/issues/7628 -- You received this message because you are

  1   2   3   4   5   6   7   8   9   10   >