Software Update: Qubes OS 4.1.0

A few days ago, version 4.1.0 of Qubes OS was released. Qubes OS is a privacy and security oriented operating system. It uses security by isolation, which means that the different parts of the OS run in separate VMs. In contrast to VMWare and Virtualbox, for example, there is no host OS, but the VMs run directly on the existing hardware. The virtualization is provided by bare metal hypervisor Xen and the user environment can be chosen from Fedora, Debian, Whonix and Windows, among others. More information about Qubes OS can be found on this page are being found. The most important improvements in this release are listed below.

Qubes Architecture Next Steps: The GUI Domain

The GUI domain is a qube separate from dom0 that handles all display-related tasks and some system management. This separation allows us to more securely isolate dom0 while granting the user more flexibility with respect to graphical interfaces. (Note: The GUI domain is still experimental, so it’s an opt-in feature in Qubes 4.1.0

Qubes Architecture Next Steps: The New Qrexec Policy System

Qrexec is is an RPC (remote procedure call) mechanism that allows one qube to do something inside another qube. The qrexec policy system enforces “who can do what and where.” Qubes 4.1 brings a new qrexec policy format, significant performance improvements, support for socket services, and policy notifications that make it easier to detect problems.

New Gentoo templates and maintenance infrastructure

There are three new flavors of Gentoo templates, as well as an advanced infrastructure for automated building and testing, which also supports Linux kernel and Arch Linux building and testing.

Improvements in testing and building: GitLab CI and reproducible builds

This article explains our work on continuous integration (CI), which automates and improves several aspects of the development process, and reproducible builds, which improves the security of the build and verification process.

Reproducible builds for Debian: a big step forward

This article explains the tools and infrastructure we’ve built to verify official package builds by rebuilding them. While this was supposed to be possible in theory, making it a reality required significant work, including rewriting certain components from scratch.

More improvements, bug fixes, and updated components

In addition to the articles above, there are also numerous other improvements and bug fixes listed in the release notes and in the issue tracker

Finally, Qubes 4.1.0 features the following updated default components:

  • Xen 4.14
  • Fedora 32 in dom0
  • Fedora 34 template
  • Debian 11 template
  • Whonix 16 Gateway and Workstation templates
  • Linux kernel 5.10

Version number 4.1.0
Release status Final
Website Qubes OS
Download
File size

5.50GB

License type Conditions (GNU/BSD/etc.)
Facebook Notice for EU! You need to login to view and post FB Comments!