Qubes OS 4.3.0-rc4 has been released as another step towards the final stable version, introducing updates such as Dom0 switching to Fedora 41 and Xen being updated to version 4.19. Additionally, the developers have incorporated several new features, including improved hardware setup using preloaded disposables and a refreshed New Devices API for more control over managing hardware. The testing process is ongoing, with bug reports being gathered and fixes implemented before potentially releasing another RC if needed.
The third release candidate for Qubes OS 4.3.0 has been released for testing and offers numerous new features and enhancements over its predecessor, Qubes OS 4.2. Key improvements include an upgraded Dom0 to Fedora 41, Xen boosted to version 4.19, and the introduction of a "self-identity-oriented" assignment of devices known as the New Devices API. Additionally, Qubes OS 4.3 includes security features such as special settings for templates, improved support for SSL client certificates and GPG keys, and enhanced anonymity through Whonix-Workstation qubes.
Qubes OS 4.3.0-rc2 is now available for testing, featuring numerous new features and improvements over its predecessor, Qubes OS 4.2. The release includes upgrades to Fedora 41, Xen 4.19, and updated default templates, as well as preloaded disposables, a new device assignment mechanism, and improved Qubes Windows Tools.
The first release candidate for Qubes OS 4.3.0 has been released for testing, showcasing a variety of new features and enhancements compared to Qubes OS 4.2. The release features updates to Dom0, Xen, the default Fedora template, the Debian template, and the Whonix templates. Included are preloaded disposables, a device assignment focused on self-identity orientation, and enhanced Qubes Windows Tools. The stable release is contingent upon the quantity of bugs identified and their level of severity.
The release schedule documentation outlines the procedure for gathering bug reports, prioritizing them, and addressing the issues. If required, a new release candidate is issued, and the process proceeds until a stable release is announced. Testers have the option to upgrade to Qubes 4.3.0-rc1 through a clean installation or by performing an in-place upgrade from Qubes 4.2. It is advisable to perform a complete backup prior to testing, and seasoned users are invited to participate in the testing team. A release candidate represents a software build that may evolve into a stable release, provided that no significant bugs are identified during testing. Minor releases maintain backward compatibility with previous versions of the same major release.
The release of Qubes Security Bulletin (QSB) 108 talks about Transitive Scheduler Attacks (XSA-471), a new type of speculative side-channel attack found by Microsoft and ETH Zurich. The attacks leverage timing information derived from instruction execution, enabling attackers to breach a qube and deduce the contents of any system memory.
QSB-108: Transitive Scheduler Attacks (XSA-471)
QSB-108: Transitive Scheduler Attacks (XSA-471)
Qubes OS 4.2.4 has been released and represents a stable release that brings together security patches, bug fixes, and updates from the prior stable version. The installation method provided is both secure and convenient, utilising a current ISO. The update encompasses all security enhancements, bug resolutions, and an improved Fedora template. Additional information can be found on the downloads page.
Qubes OS 4.2.4-rc1 is now available for testing, incorporating security patches, bug fixes, and updates from the previous stable release. The ISO and verification files can be accessed on the downloads page. Qubes 4.2.4 encompasses all security updates, bug fixes, and features an upgraded Fedora template. Additional details are available in the Qubes OS 4.2 release notes.
A libxl security update is available for Qubes OS:
QSB-106: Information disclosure through uninitialized memory in libxl
QSB-106: Information disclosure through uninitialized memory in libxl
Qubes OS 4.2.has been released with the latest security patches, bug fixes, and other improvements. It provides a secure and convenient installation technique using an up-to-date ISO. The ISO and verification files are available on the downloads page. The release notes for Qubes OS 4.2 provide additional information.
Qubes OS 4.2.3-rc1 is here and ready for some serious testing. This update brings together all the security patches, bug fixes, and other updates that have been made since the last stable release.
Extended security support for Qubes OS 4.1 has ended as of yesterday.
The following security updates is available for both Qubes OS 4.1 and 4.2:
QSB-104: GUI-related security bugs
QSB-104: GUI-related security bugs
A new security update is available for Qubes OS:
QSB-103: Double unlock in x86 guest IRQ handling (XSA-458)
QSB-103: Double unlock in x86 guest IRQ handling (XSA-458)
Qubes OS 4.2.2, a stable release that consolidates security patches, bug fixes, and updates from prior stable releases, has been released. It provides a secure and easy solution for users to install or reinstall the most recent stable Qubes release using an up-to-date ISO. The update contains a Fedora template upgrade and resolves problem #8332.
The first release candidate for Qubes OS 4.2.2 is now available for testing, bringing together security patches, bug fixes, and other upgrades since the last stable version. The update includes all security updates, bug fixes, an upgrade to the Fedora template, and a patch for issue #8332.
Qubes OS 4.1 has reached end-of-life as of today, but will receive extended security support until July 31, 2024.
New Fedora Linux 40 templates have been made available for Qubes OS 4.2. These templates come in three different flavors: standard, minimal, and Xfce.
Updated Xen packages are available for Qubes OS:
QSB-102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/SRSO (XSA-455, XSA-456)
QSB-102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/SRSO (XSA-455, XSA-456)
On June 18, 2024, Qubes OS 4.1 is scheduled to reach its end-of-life (EOL) status. When a release is end-of-life (EOL), it means that future updates, enhancements, and bug fixes will no longer be available for that release.
