Tails Release Announcements

Discussion in 'all things UNIX' started by TheKid7, Apr 10, 2013.

  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    7,334
    Location:
    U.S.A. (South)
    Thanks for reply on the distinctions between releases for us.
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Technically, although Tails is based on Debian Unix releases, Tails really falls under the classification of a Privacy Technology and this thread should probably be moved over to the Privacy Technology subforum for that reason - thought of the day!

    -- Tom
     
  3. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,251
    Location:
    Adelaide
    Interesting. I usually download Tails over BitTorrent, yet came across this.
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Your link no longer exists (gets a 404 Not Found msg).

    -- Tom
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Some weeks ago they have decided to stop providing torrents any longer, but it seems they have changed their mind.
    You can still find it in the Google WebCache:
    The corresponding ticket:
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.00 Released
    06/13/2017
    Tails 3.0 works on 64-bit computers only.
    Announcement and further information

    https://tails.boum.org/news/version_3.0/index.en.html
    New features
    NEW STARTUP AND SHUTDOWN EXPERIENCE
    Tails Greeter, the application to configure Tails at startup, has been completely redesigned for ease of use:
    • All options are available from a single window.
    • Language and region settings are displayed first to benefit our international audience.
    • Accessibility features can be enabled from the start.
    This has been a long process, started three years ago with the UX team of NUMA Parisand lead only by volunteers. Join us on tails-ux@boum.org to participate in future designs!
    • The shutdown experience has also been redesigned in order to be:
      • More reliable. It was crashing on various computers with unpredictable results.
      • More discrete. The screen is now totally black to look less suspicious.
      Technically speaking, it is now using the freed memory poisoning feature of the Linux kernel.
    POLISHING THE DESKTOP
    • We switched to the default black theme of GNOME which has a more modern and discrete look:
    Tails 3.0 benefits from many other small improvements to the GNOME desktop:

    • Files has been redesigned to reduce clutter and make the interface easier to use. Several new features have been added, such as the ability to rename multiple files at the same time and the ability to extract compressed files without needing a separate application.
    • The notification area has been improved to allow easy access to previous notifications. Notification popups have also been repositioned to make them more noticeable.
    • Shortcut windows have been added to help you discover keyboard shortcuts in GNOME applications.

      For example, press Ctrl+F1 in Files to display its shortcut window.
    SECURITY IMPROVEMENTS IN DEPTH
    • Tails 3.0 works on 64-bit computers only and not on 32-bit computers anymore. Dropping hardware support, even for a small portion of our user base, is always a hard decision to make but being 64-bit only has important security and reliability benefits. For example, to protect against some types of security exploits, support for the NX bit is compulsory and most binaries are hardened with PIE which allows ASLR.
    • Update Tor Browser to 7.0 (based on Firefox 52 ESR) which is multiprocess and paves the way to content sandboxing. This should make it harder to exploit security vulnerabilities in the browser.
    MAJOR UPGRADES TO INCLUDED SOFTWARE
    • Most included software has been upgraded in Debian 9, for example:
      • KeePassX from 0.4.3 to 2.0.3
        Your password database will be migrated automatically to the new format of KeePassX2.
      • LibreOffice from 4.3.3 to 5.2.6
      • Inkscape from 0.48.5 to 0.92.1
      • Audacity from 2.0.6 to 2.1.2
      • Enigmail from 1.8.2 to 1.9.6
      • MAT from 0.5.2 to 0.6.1
      • Dasher from 4.11 to 5.0
      • git from 2.1.4 to 2.11.0
    Upgrades and changes
    • The Pidgin tray icon was removed from the top navigation bar and replaced by popup notifications.
    • Icedove was renamed as Thunderbird, its original name, inheriting this change from Debian.
    • The search box and the search feature of the address bar of the Unsafe Browser were removed. (#12540)
    • The read-only option of the persistent storage was removed. It was used by very few users, created confusion, and lead to unexpected issues. (#12093)
    Fixed problems
    • The new X.Org display server in Tails 3.0 should work on more newer graphical hardware.
    • UEFI boot has been fixed on some machines (ThinkPad X220).
    • MAC spoofing has been fixed on some network interfaces (TP-Link WN725N). (#12362)
    For more details, read our changelog.
    https://git-tails.immerda.ch/tails/plain/debian/changelog

    tails (3.0) unstable; urgency=medium

    * Major changes
    - Upgrade Tor Browser to 7.0.1 (Closes: #12635, #12657).
    - Upgrade to a new snapshot of the Debian and Torproject
    APT repositories: respectively 2017060904 and 2017060903
    (Closes: #12609).

    * Minor improvements
    - Tor Browser: enable Electrolysis (e10s), i.e. render content in a separate
    child process, which will allow to improve performance and security
    further along the road. This required us to drop our branding add-on
    and re-implement its functionality in our Tor Browser wrapper
    (Closes: #12569).
    - Clean obsolete cached packages when using the Additional Software Packages
    feature (Closes: #12400).
    - Improve KeePassX database migration handling (Closes: #12375).
    - Upgrade OnionShare to 0.9.2, from Debian sid as it has been removed
    from Stretch (Closes: #12610).
    - Upgrade Tor to 0.3.0.8 (Closes: #12656).
    - Drop obsolete bilibop patch, that was applied in 0.5.2.1.
    - Include disk space usage information in the WhisperBack bug reports.
    - Reorder technical details in WhisperBack bug reports in way that makes
    more sense when reading them.
    - Convert lc.py to Python 3.
    - Simplify some Python code thanks to subprocess.check_ouput.
    - Set the initial keyboard focus on the "Start Tails" button
    in Tails Greeter (Closes: #12509).
    - Convert Tails Greeter's Debian packaging to current best practices.

    * Bugfixes
    - Fix persistent Thunderbird configuration migration when there is
    a mimeTypes.rdf, that doesn't contain any associations to "icedove"
    or "/usr/bin/iceweasel" (Closes: #12580).
    - Fix persistent browser bookmarks, by generating them from an sqlite dump
    (Closes: #12568).
    - Use the "intel" X.Org driver for Intel Atom/Celeron/Pentium Processor
    x5-E8000/J3xxx/N3xxx Integrated Graphics Controller.
    - `exec' from our Thunderbird wrapper so it doesn't remain running.
    - Tails Installer: don't allow installing on non-removable drives
    (Closes: #10731).
    - Fetch the torbrowser-launcher sources from Debian sid:
    it's been removed from Debian testing.
    Refresh torbrowser-AppArmor-profile.patch accordingly.
    - Unsafe Browser: remove the search bar, that's currently buggy
    and its presence only encourages unsupported usage (Closes: #12573).
    - Unsafe Browser: disable searching in the address bar. It can result
    in leaking hostnames and credentials to the default search
    engine operator (Closes: #12540).
    - Make our omni.ja modifications reproducible (Closes: #12620).
    - Generate the fontconfig cache in a reproducible manner (Closes: #12567).
    - Don't include torrents/rss.html in the ISO. It's not generated
    in a deterministic manner and is worthless in the ISO (Closes: #12619).
    - Improve the language → default keyboard layout mapping
    in Tails Greeter (Closes: #12547).
    - Don't close Tails Greeter's main window when Alt-F4 is pressed
    (Closes: #12462).

    * Test suite
    - Run emergency_shutdown.feature after usb_*.feature, to reduce disk
    space requirements (Closes: #12565).
    - Deal with server messages in Pidgin.
    - Improve Pidgin connectivity check robustness.
    - Flag the Synaptic test as fragile (i.e. #12586).
    - Optimization: only test once that Tails, booted on DVD, eventually
    shuts down after wiping memory.
    - Move tests about the shutdown applet to a dedicated feature,
    as they have nothing to do with Tails' "emergency" shutdown feature.
    - Adapt the network connectivity check to Stretch, and improve it to check
    both link and IP connectivity (Closes: #12602).
    - Apply a fix from upstream Git to mutter, to fix some of its interactions
    with dogtail (Closes: #11718).
    - Mark "Scenario: Watching a WebM video" as fragile (i.e. #10442).

    * Build system
    - Set create_box -e, to make the vagrant box generation a bit more robust.
    (Closes: #12578).
    - Install kernel from backports and Tails build deps before performing
    APT upgrade, to avoid useless bandwidth usage (Closes: #12529).
    - Update submodules after merging the base branch (Closes: #12556).
    - Rakefile: fix date comparison in basebox:clean_old (Closes: #12575).
    - Rakefile: have basebox:clean_old delete baseboxes more than 4 months old
    (refs: #12576).
    - Also check for fuzzy patches' .orig files at the end of our build hooks,
    so we detect any fuzzy patches applied by hooks (Closes: #12617).
    - Remove .orig files for patches we allow to be fuzzy.
    - Don't pre-build the wiki when mergebasebranch is enabled.
    When pre-building the wiki, we modify the PO files which results in a
    conflict from the base branch merge in case it modifies the same
    files, which breaks the build (Closes: #12611).
    - Rakefile: add a task that removes all tails-builder-* libvirt volumes
    (Closes: #12599).

    -- Tails developers <tails@boum.org> Sat, 10 Jun 2017 14:39:10 +0000
     
  7. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,323
    Great! Thanks!
     
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.01 Released
    07/05/2017
    Announcement and further information
    Changes
    Upgrades and changes
    • Upgrade tor to 0.3.0.9-1~d90.stretch+1. (#13253)
    • Upgrade Linux to 4.9.30-2+deb9u2.
    Fixed problems
    • Fix interaction between SSH and GNOME Keyring. (#12481)
    • Have Tails Installer stop rejecting valid USB drives, pretending they're not "removable". (#12696)
    • Make behavior of the power button and lid close actions in the Greeter consistent with the regular GNOME session. (#13000)
    tails (3.0.1) unstable; urgency=medium

    * Security fixes
    - Upgrade tor to 0.3.0.9-1~d90.stretch+1 (Closes: #13253).
    - Upgrade Linux to 4.9.30-2+deb9u2.
    - Upgrade libc to 2.24-11+deb9u1.
    - Upgrade libexpat1 to 2.2.0-2+deb9u1.
    - Upgrade libgcrypt20 to 1.7.6-2+deb9u1.
    - Upgrade libgnutls30 to 3.5.8-5+deb9u1.
    - Enable Debian security APT sources (Closes: #12309).

    * Minor improvements
    - Use a higher resolution image in Tails persistence setup
    (Closes: #12510).

    * Bugfixes
    - Forcibly set $SSH_AUTH_SOCK before starting GNOME
    Shell. Apparently, due to a race condition, GNOME keyring
    sometimes fails to tell the session manager about the correct
    SSH_AUTH_SOCK, and thus GNOME Terminal hasn't this variable set
    and any ssh process started in there won't use the (perfectly
    working) SSH agent (Closes: #12481).
    - Fix issue that made Tails Installer rejects working USB drives,
    pretending they're not "removable" (Closes: #12696).
    - Make behavior of the power button and lid close actions in the Greeter
    consistent with the regular GNOME session (Closes: #13000).

    * Build system
    - Track the latest debian-security archive for the corresponding
    APT sources, and not for the unrelated jessie-updates (Closes:
    #12829).
    - Print APT sources used in the build VM, to help debugging issues
    such as #12829.

    -- Tails developers <tails@boum.org> Tue, 04 Jul 2017 15:59:18 +0200
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.1 Released
    08/08/2017
    Announcement and further information
    Changes
    Upgrades and changes
    • Update Tor Browser to 7.0.4.
    • Update Linux to 4.9.30-2+deb9u3.
    Fixed problems
    • Make sure that Thunderbird erases its temporary directory, containing for example attachments opened in the past. #13340
    • Fix translations of the time synchronization and "Tor is ready" notifications. #13437
    For more details, read our changelog.
    tails (3.1) unstable; urgency=medium

    * Security fixes
    - Upgrade Tor Browser to 7.0.4-build1 (Closes: #13577).
    - Upgrade Linux to 4.9.30-2+deb9u3.
    - Upgrade libtiff to 4.0.8-2+deb9u1.
    - Upgrade bind9 to 1:9.10.3.dfsg.P4-12.3+deb9u2.
    - Upgrate evince to 3.22.1-3+deb9u1.
    - Upgrade imagemagick 8:6.9.7.4+dfsg-11+deb9u1.
    - Ensure Thunderbird cleans its temporary directory. (Closes: #13340).

    * Minor improvements
    - Patch gconf to produce reproducible XML output (refs: #12738). This is
    the temporary solution for #12738 in Tails 3.1 which will be reverted
    (and fixed permanently by removing gconf) in Tails 3.2.
    - Apply Debian bts patch to cracklib to produce reproducible dictionnaries
    (Closes: #12909).
    - Upgrade to Debian 9.1 (Closes: #13178).

    * Bugfixes
    - Replace faulty URL in htpdate neutral pool (Closes: #13472).
    - Keep installing a version of Enigmail compatible with Thunderbird 45.x
    (Closes: #13530).
    - Fix the time syncing and Tor notifications translations (Closes: #13437).

    * Build system
    - Upgrade the Vagrant basebox for building ISO images to Stretch
    (Closes: #11738).
    - Fix on-disk build by bumping Vagrant build VM memory to 768M
    (Closes: #13480).
    - Fix rescue build option by exporting TAILS_BUILD_FAILURE_RESCUE
    (Closes: #13476).

    * Test suite
    - mark gnome screenshot scenario as fragile (refs: #13458
    - mark UEFI scenario as fragile (refs: #13459).

    -- Tails developers <tails@boum.org> Sat, 05 Aug 2017 15:25:51 +0200
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.2 Released
    09/26/2017
    Announcement and further information
    Changes
    New features
    • We added support for PPPoE and dial-up Internet connections.
      Please tell us if this still doesn't work for you!
    • We installed BookletImposer to convert linear PDF documents into booklets, and vice-versa.
    • We added GNOME Screen Keyboard to replace Florence, the previous virtual keyboard, which had many issues.
    Upgrades and changes
    • Upgrade Linux to 4.12.12. This should improve the support for newer hardware, especially NVIDIA Maxwell graphics card.
    • Upgrade Thunderbird from 45.8 to 52.3.
    USER EXPERIENCE
    • Require a 8 GB USB stick to install Tails. 4 GB USB sticks that are already installed can still be upgraded.
    • Tails Installer now detects when the target USB stick has Tails installed already and automatically proposes to upgrade. This made possible to remove the initial splash screen.
    SECURITY
    • Disable Bluetooth to protect against the BlueBorne attack. #14655
      Please let us know if this makes it hard for you to use Tails!

    • Increase the randomization of ASLR to the maximum. #11840
    • Deny access to the D-Bus service of Pidgin to prevent other applications to access and modify its configuration. #14612.
    Fixed problems
    • Fix the import of secret OpenPGP keys in Password and Keys. #12733
    For more details, read our changelog.
    tails (3.2) unstable; urgency=medium

    * Major changes
    - Upgrade Linux packages to the Debian kernel 4.12.0-2, based on
    mainline Linux 4.12.12 (Closes: #11831, #12732, #14673).

    * Security fixes
    - Upgrade Tor Browser to 7.0.6-build3 (Closes: #14696).
    - Upgrade to Thunderbird 52.3.0 (Closes: #12639).
    - Deny access to Pidgin's D-Bus service (Closes: #14612). That D-Bus
    interface is dangerous because it allows _any_ application running
    as `amnesia' that has access to the session bus to extract
    basically any information from Pidgin and to reconfigure it:
    https://developer.pidgin.im/wiki/DbusHowto
    - Block loading of Bluetooth kernel modules (Closes: #14655) and
    block Bluetooth devices with rfkill (Closes: #14655).
    - Add localhost.localdomain to the hosts file to prevent loopback
    leaks to Tor circuits (Closes: #13574). Thanks to tailshark for
    the patch!

    * Minor improvements
    - Upgrade to Tails Installer 5.0.1 (Closes: #8859, #8860, #12707). This
    version gets rid of the splash screen, detects when Tails is already
    installed on the target device (and then proposes to upgrade),
    and generally improves the UX. It also increases the Tails partition
    size and refuses to install to devices smaller than 8 GB.
    - Deprecate Thunderbird's preferences/0000tails.js (Closes: #12680).
    - Install the BookletImposer PDF imposition toolkit (Closes: #12686).
    - Tor Browser:
    * Fallback to ~/Tor Browser for uploads (Closes: #8917).
    * Silence some common operations that always are denied and
    otherwise would spam the journal (Closes: #14606)
    - Shell library: remove now unused functions (Closes: #12685).
    - Add pppoe to the installed packages (Closes #13463). Thanks to geb
    for the patch!
    - Replace syslinux:i386 with syslinux:amd64 in the ISO9660
    filesystem (Closes: #13513).
    - htpdate: fix date header regexp (Closes: #10495). It seems that
    some servers (sometimes) do not send their headers with first
    letter uppercased, hence a lot of failures to find the date in it.
    - Install aufs-dkms from Debian unstable (Closes: #12732).
    - Install vim-tiny instead of vim-nox (Closes: #12687). On Stretch,
    vim-nox started pulling ruby and rake in the ISO. I think vim-tiny
    would be good enough, and would save a few MiB in the ISO. Those
    who use vim more intensively and want another flavour of vim are
    likely to need persistence anyway, and can thus install a more
    featureful vim with the additional software packages feature.
    - Remove gksu and its and gconf's dependencies (Closes: #12738). We
    use pkexec instead of gksudo. gksu is unmaintained, buggy
    (e.g. #12000), and it is the only reason we ship GConf, which we
    want to remove. The other removals are:
    * libgnomevfs2-extra, which was previously used for SSH/FTP support in
    Nautilus, but isn't needed for that any more.
    * libgnome2-bin which provides gnome-open, which isn't required by
    any application in Tails (as far as we know).
    * Configurations and scripts that become obsolete because of these
    removals.
    - Refresh torbrowser-AppArmor-profile.patch to apply cleanly on top
    of torbrowser-launcher 0.2.8-1 (Closes: #14602).
    - Switch from Florence to GNOME's on-screen keyboard (Closes: #8281)
    and incidentally improve accessibility in GTK+ 2.0 and Qt
    applications. This drops Florence and the corresponding GNOME
    Shell extension.
    - Make ./HACKING.mdwn a symlink again (Closes: #13600).
    - Implement refresh-translations --force .
    - Rework how we handle the individual POT files of our applications.
    Comparing the new temporary POT files we generate with the
    temporary POT files we generated last time (if ever, and if we
    did, for which branch?) is not relevant; these POT files are only
    used for merging into a new tails.pot and *that* one is relevant
    to diff against the old tails.pot.
    - Update the Tails signing key. (Closes: #11747)
    - Reproducibility:
    * Ensure reproducible permissions for /etc/hostname (Closes:
    #13623).
    * Patch desktop-file-utils to make its mimeinfo.cache reproducible
    (Closes: #13439).
    * Patch glib2.0 to make its giomodule.cache reproducible (Closes:
    #13441).
    * Patch gdk-pixbuf to make its loaders.cache reproducible (Closes:
    #13442).
    * Patch gtk2.0 and gtk3.0 to make their immodules.cache
    reproducible (Closes: #13440).
    * Remove GCconf: it is a source of non-determinism in the
    filesystem (element order in /var/lib/gconf/defaults/%gconf-tree-*.xml)
    which made Tails unreproducible.
    * Ignore comment updates in POT files, which was a source of
    non-determinism and therefore prevented Tails from being
    reproducible (Closes: #12641).
    - Kernel hardening:
    * Increase mmap randomization to the maximum supported value
    (Closes: #11840). This improves ASLR effectiveness, and makes
    address-space fragmentation a bit worse.
    * Stop explicitly enabling kaslr: it's enabled by default in
    Debian, and this kernel parameter is not supported anymore.
    * Disable kexec, to make our attack surface a bit smaller.

    * Bugfixes
    - Start Nautilus silently in the background when run as root
    (Closes: #12034). Otherwise, after closing Nautilus one gets the
    prompt back only after 5-15 seconds, which confuses users and makes
    our doc more complicated than it should.
    - Ensure pinentry-gtk2 run by Seahorse has the correct $DISPLAY set
    (Closes: #12733).

    * Build system
    - build-manifest-extra-packages.yml: remove squashfs-tools version
    we don't use anymore (Closes: #12684). Apparently our
    apt-get/debootstrap wrapper tricks are enough to detect the
    version of squashfs-tools we actually install and use.
    - Merge base branch earlier, i.e. in auto/config instead of
    auto/build (Closes: #14459). Previously, a given build from a topic
    branch would mix inconsistent versions of things.
    - Fail builds started before SOURCE_DATE_EPOCH (Closes:
    #12352). Such builds would not be reproducible, and this is an
    assumption (a reasonable one!) that we do all over the place, so
    let's fail early. While we're at it, let's fail if
    SOURCE_DATE_EPOCH is not set as well. Actually we would fail any
    way if that was the case when reaching our
    99-zzzzzz_reproducible-builds-post-processing build hook, but
    let's fail early.

    * Test suite
    - Test the GNOME Root Terminal.
    - Take into account that Tails Installer 5.0.1 refuses to install
    Tails to devices smaller than 8 GiB. It'll still allow *upgrading*
    such sticks though.
    - Use 7200 MiB virtual USB drives when we really mean 8 GiB. In the
    real world, USB sticks labeled "8 GB" can be much smaller, so
    Tails Installer will accept anything that's at least 7200 MiB.
    This commit makes us exercise something closer to what happens in
    the real world, and incidentally it'll save storage space on our
    isotesters and improve test suite performance a bit. :)
    - Have unclutter poll every 0.1s instead of continuously. On current
    sid, virt-viewer eats a full CPU and doesn't do its job when
    "unclutter -idle 0" is running.
    - Adapt tests for Tails Installer 5.0.1.
    - Workaround Pidgin's DBus interface being blocked since we actually
    depend on it for some tests.
    - Test that Pidgin's DBus interface is blocked.
    - Save more data on test suite failures (Refs: #13541):
    * When Tor fails to bootstrap, save Tor logs and chutney nodes
    data.
    * When Htpdate fails to synchronize the clock, save its logs.
    * Always save the systemd journal on failure.
    - When testing emergency shutdown, wait longer for Tails to tell
    us it has finished wiping the memory. The goal here is to help
    us understand whether (Refs: #13462) is a bug in the emergency
    shutdown feature or in our test suite.
    - Restart nautilus-desktop if Desktop icons are not visible
    (Closes: #13461).
    - Test suite: fix assert_raise() when using ruby-test-unit >=
    3.2.5 (Closes: #14654). ruby-test-unit 3.2.5 added native Java
    exception support for JRuby. The fact we defined the :Java
    constant was enough to trigger that JRuby-specific code, which
    failed.
    - Test suite: take into account that click-to-play is not required
    anymore for WebM videos in Tor Browser (Closes: #14586).

    -- Tails developers <tails@boum.org> Mon, 25 Sep 2017 22:23:01 +0200
     
  11. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,801
    Tails promote their distro as to help people remain anonymous especially people like human rights activists and political activists in oppressive regimes, so don't they realise, in a lot of countries the computers they might have access to are older 32 bit hardware and to stop supporting 32 bit is contradictory to their stated mission?
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.4 Released
    01/09/2018
    Announcement and further information
    Changes
    Upgrades and changes

    Fixed problems
    • Fix an issue that made Tails start very slowly, in particular on DVD. (#14964)
    • Don't delete downloaded Debian packages after installing them. This is mostly relevant for users of the APT Packages persistence feature. (#10958)
    • Fix an issue that prevented some Debian packages to install properly with the Additional software feature. (#6038)
    • Update uBlock Origin to restore its icon in Tor Browser, and make its settings dashboard work again. (#14993)
    For more details, read our changelog.
    Known issues
    • The graphical splash screen usually displayed during Tails startup quickly disappears and is replaced by garbled text messages. As long as Tails appears to work fine for you otherwise, please ignore these messages, including the alarming message about a "kernel BUG" (which was reported to Debian): they do not affect the safety of your Tails system.
    • Due to an issue in Tor Browser, the documentation shipped in Tails doesn't open in Tor Browser anymore and lacks our sidebar. The warning page of the Unsafe Browser also lacks graphical design. (#14962)
    See the list of long-standing issues.
    tails (3.4) unstable; urgency=medium

    * Security fixes
    - Install Linux 4.14.0-2 from sid (Closes: #14976). This enables
    the kernel-side mitigations for Meltdown and Spectre.
    - Upgrade curl to 7.52.1-5+deb9u3.
    - Upgrade enigmail to 2:1.9.9-1~deb9u1.
    - Upgrade gimp to 2.8.18-1+deb9u1.
    - Upgrade imagemagick to 8:6.9.7.4+dfsg-11+deb9u4.
    - Upgrade libav (ffmpeg) to 7:3.2.9-1~deb9u1.
    - Upgrade libxcursor to 1:1.1.14-1+deb9u1.
    - Upgrade libxml-libxml-perl to 2.0128+dfsg-1+deb9u1.
    - Upgrade poppler to 0.48.0-2+deb9u1.
    - Upgrade rsync to 3.1.2-1 3.1.2-1+deb9u1.
    - Upgrade samba to 2:4.5.12+dfsg-2+deb9u1.
    - Upgrade sensible-utils to 0.0.9+deb9u1.
    - Upgrade tor to 0.3.1.9-1~d90.stretch+1.

    * Minor improvements
    - Display TopIcons systray on the left of the system menu. This
    fixes #14796 (on Buster, it is displayed in the middle of the
    screen, on the left of the clock) and an annoying UX problem we
    have on Stretch: OpenPGP applet is in the middle of icons that
    share the exact same (modern, GNOME Shell-like) behaviour, which
    is disturbing when opening one of the modern menus and moving
    the mouse left/right to the others, because in the middle one
    icon won't react as expected, and the nice blue bottom border
    continuity is broken.
    - Use the "intel" X.Org driver for integrated graphics in Intel
    i5-7300HQ (Closes: #14990).
    - Enable HashKnownHosts in the OpenSSH client (Closes: #14995).
    Debian enables HashKnownHosts by default via /etc/ssh/ssh_config
    for good reasons, let's not revert to the upstream default.
    - Pin the AppArmor feature set to the Stretch's kernel one. Linux
    4.14 brings new AppArmor mediation features and the policy
    shipped in Stretch may not be ready for it. So let's disable
    these new features to avoid breaking stuff: it's too hard to
    check if all the policy for apps we ship (and that users install
    themselves) has the right rules to cope with these new mediation
    features.

    * Bugfixes
    - Don't delete downloaded debs after install (Closes: #10958).
    - Install xul-ext-ublock-origin from sid to make the dashboard
    work again(Closes: #14993). Thanks to cacahuatl
    <cacahuatl@autistici.org> for the patch!
    - Additional software feature: use debconf priority critical to
    prevent failure when installing packages otherwise requiring
    manual configuration (Closes: #6038)
    - Don't include anything under /lib/live/mount/medium/ in the
    readahead list (Closes: #14964). This fixes the boot time
    regression introduced in Tails 3.3.

    * Build system
    - Display a more helpful error message when the 'origin' remote
    does not point to the official Tails Git repository. This task
    calls git_base_branch_head() which relies on the fact 'origin'
    points to our official repo.
    - Vagrant: never build the wiki early. This has caused several
    issues throughout the years, the lastest instance being the
    reopening of #14933. (Closes: #14933)
    - Install libelf-dev during the time we need it for building DKMS modules.
    - Make the DKMS build hook verbose, and display DKMS modules build
    logs on failure. This hook is a recurring cause of headaches,
    let's simplify debugging.
    - Remove obsolete duplicate build of the virtualbox-guest DKMS
    module.

    * Test suite
    - Log the list of systemd jobs when systemctl is-system-running
    fails (Closes: #14772). Listing the units is not enough: in most
    cases I've seen, is-system-running returns "starting" which
    means the job queue is not empty, and to debug that we need the
    list of jobs.
    - Only support SikuliX; drop support for Sikuli.
    - Disable SPICE clipboard sharing in the guest. It could only mess
    things up, and in fact has confused me by suddenly setting my
    *host's* clipboard to "ATTACK AT DAWN"... :)
    - Decode Base64.decode64 return value appropriately; it returns
    strings encoded in ASCII-8bit.
    - Don't flood the debug logger with the journal contents.
    - Handle case where $vm is undefined during an extremely early
    scenario failure.
    - Allow more time for 'systemctl is-system-running' to
    succeed. (Refs: #14772)
    - Make Sikuli attempt to find replacements on FindFailed by
    employing fuzz, or "lowering the similarity factor". The
    replacements (if found) are saved among the artifacts, and
    serves as potential drop-in-replacements for outdated
    images. The main use case for this is when the font
    configuration in Tails changes, which normally invalidates a
    large part of our images given that our default high similarity
    factor. We also add the `--fuzzy-image-matching` where the
    replacements are used in case of FindFailed, so the tests can
    proceed beyond the first FindFailed. The idea is that a full
    test suite run will produce replacements for potentially *all*
    outdated images.
    - Fix our findAny() vs findfailed_hook. For findAny() it might be
    expected that some images won't be found, so we shouldn't use
    our findfailed_hook, which is about dealing with the situation
    where images need to be updated.
    - Make sure Pidgin's D-Bus policy changes are applied (Closes:
    #15007). Without the HUP there's a race that we sometimes lose.
    - Nump the Unsafe Browser's start page image (Closes: #15006).
    - Hot-plug a 'pcnet' network device instead of 'virtio' on Sid,
    since the latter is not detected on Sid (Closes: #14819).

    -- Tails developers <tails@boum.org> Mon, 08 Jan 2018 16:57:07 +0100
     
  13. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.5 Released
    01/23/2018
    Announcement and further information
    Changes
    Upgrades and changes

    • Tor redesigned Tor Launcher, the application to configure a Tor bridge or a local proxy.
    Upgrades and changes
    • Update Tor Browser to 7.5.
    • Update Linux to 4.14.13 and the microcode firmware for AMD to mitigate Spectre.
    • Update Thunderbird to 52.5.
    Fixed problems
    • Fix printing to a PDF in Tor Browser. (#13403 and #15024)
    • Fix the opening of the Applications menu when the time synchronization changed the clock in the past. (#14250)
    • Fix the opening of the documentation included in Tails for many non-English languages. (#15160)
    • Fix translations of the time synchronization and "Tor is ready" notifications. (#13437)
    • Remove the code to migrate from Claws Mail that was preventing Thunderbird to start in some cases. (#12734)
    For more details, read our changelog.
    Known Issues
    • Debug and error messages appear when starting Tails, including an alarming message about a kernel BUG.

      These messages do not affect the safety of Tails.

    • In Tails Installer, it is only possible to select an ISO image when choose Use a downloaded Tails ISO image when running Tails in English. For other language, the file chooser button remains inactive:
    • The documentation shipped in Tails doesn't open in Tor Browser anymore. The warning page of the Unsafe Browser also lacks graphical design. (#14962 and Tor #24243)
    See the list of long-standing issues.
    tails (3.5) unstable; urgency=medium

    * Security fixes
    - Upgrade amd64-microcode to 3.20171205.1, for the mitigation
    against Spectre (CVE-2017-5715) (Closes: #15148).
    - Upgrade Tor Browser to 7.5-build3 (Closes: #15197).
    - Upgrade Thunderbird to 1:52.5.2-2~deb9u1.0tails1 (Closes: #15033)
    - Upgrade gdk-pixbuf to 2.36.5-2+deb9u2.0tails1 (Closes: #15177).
    - Upgrade bind9 to 1:9.10.3.dfsg.P4-12.3+deb9u4.
    - Upgrade libxml2 to 2.9.4+dfsg1-2.2+deb9u2.

    * Minor improvements
    - Upgrade Linux to 4.14.13, which is the first kernel that has the
    "[x86] microcode/AMD: Add support for fam17h microcode loading"
    commit, that's needed to load the AMD fam17h microcode for
    mitigating the Spectre vulnerability (CVE-2017-5715).

    * Bugfixes
    - Drop Claws Mail persistence setting migration. Whenever
    persistent Claws Mail setting is enabled, this creates an empty
    ~/.icedove/ directory, that prevents Thunderbird from starting
    (Closes: #12734).
    - Don't prevent the GNOME Applications button from opening its menu if
    time syncing resulted in a shift back in time (Closes: #14250).
    - Tails Installer: when cloning Tails to another USB drive, check
    if the target device has enough space *before* any destructive
    actions are made (Closes: #14622).
    - Tor Browser: make "Print to file" work again, for all locales
    (Closes: #13403, #15024).

    * Build system
    - Fix option passed to cmp: -q is not supported but --quiet is.
    Spotted on feature/buster that's the first branch that exercises
    this code, but there's no reason to fix it only there.

    * Test suite
    - Adapt tests for Tor Launcher 0.2.14.3, i.e. the one shipped with
    Tor Browser 7.5 in Tails 3.5 (Closes: #15064).
    - Add support for creating arbitrarily sized partitions.
    - Add a "Try cloning Tails to a too small partition" scenario
    (regression test for #14622).

    -- Tails developers <tails@boum.org> Tue, 23 Jan 2018 00:57:58 +0100
    [/QUOTE]
     
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,395
    Location:
    Slovenia
  15. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    719
    Location:
    North of the 38th parallel.
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.6.2 Released
    03/30/2018
    Announcement and further information
    Changes
    Upgrades and changes
    • Update Tor Browser to 7.5.3.
    • Update Thunderbird to 52.7.0.
    • Update Intel microcode to 3.20180312.1, which adds Spectre variant 2 mitigation for most common Intel processors.
    • Upgrade Linux to 4.15.11-1.
    Fixed problems
    • Make input of Japanese and Korean characters in Tor Browser work again.
    • Fix Tor Browser so add-ons installed by users work again, such as Tails Verification.
    For more details, read our changelog.
    tails (3.6.2) unstable; urgency=medium

    * Security fixes
    - Upgrade Tor Browser to 7.5.3 (MFSA 2018-10, Closes: #15459).
    - Upgrade Thunderbird to 1:52.7.0-1~deb9u1.0tails1 (DSA-4155,
    Closes: #15471).
    - Upgrade libicu to 57.1-6+deb9u2 (DSA-4150).
    - Upgrade intel-microcode to 3.20180312.1~bpo9+1. Implements
    IBRS/IBPB/STIPB support, Spectre-v2 mitigation for: Sandybridge,
    Ivy Bridge, Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake
    (Closes: #15173).

    * Bugfixes
    - Tor Browser AppArmor profile:
    * Grant the main Firefox process access to machine-id: needed for
    IBus support (Closes: #15437).
    * Allow access to extensions installed by the user such as Tails
    Verification (Closes: #15434).
    - Remove packages needed to support Video Acceleration API
    (VA-API) because they breaks opening GNOME Settings and Totem in
    Tails 3.6 on some computers (only NVIDIA for now but perhaps
    other hardware is affected). (Closes: #15433, #15449)
    - Upgrade Linux to 4.15.11-1 and bump the aufs submodule (Closes:
    #15456, #15457).
    - tails-documentation script:
    * open translated documentation page in Tor Browser when online
    (Closes: #15371).
    * use documented syntax for os.execv (Refs: #15332)
    * re-add support for passing a HTML anchor as the second
    argument.
    - Fix issue where the tails-persistence-setup user's guid would be
    changed when it was the uid that was intended (Closes: #15422).

    -- Tails developers <tails@boum.org> Thu, 29 Mar 2018 17:49:42 +0200
     
  17. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,823
    This puppy is becoming a joke. A new release every couple of weeks? Come on now.
     
  18. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.7 Released
    05/09/2018
    Announcement and further information
    Changes
    Upgrades and changes
    Fixed problems
    • Allow removing the optional OpenPGP key in WhisperBack, in case you specified one.
    For more details, read our changelog.

    What's coming up?
    Tails 3.8 is scheduled for June 26.
    tails (3.7) unstable; urgency=medium

    * Security fixes
    - Upgrade Tor Browser to 7.5.4 (MFSA 2018-12, Closes: #15588).
    - Upgrade OpenSSL to 1.1.0f-3+deb9u2 (DSA-4157).
    - Upgrade Perl to 5.24.1-3+deb9u3 (DSA-4172).
    - Upgrade Libre Office to 1:5.2.7-1+deb9u4 (DSA-4178).
    - Upgrade libmad to 0.15.1b-8+deb9u1 (DSA-4192).

    * Bugfixes
    - Enable the removal of OpenPGP keyblock in Whisperback (closes: #7797).
    - Show the logo in Whisperback's About menu (closes: #13198).
    - Use the same font in all the Whisperback report (Closes: #11272).
    - Update tails-bugs@tails.boum OpenPGP key (Closes: #15534).

    * Minor improvements
    - Stop installing python-qt4 and python-trezor (Closes: #15391).
    - Make WhisperBack easier to find in the GNOME Overview (Closes: #13299).

    -- Tails developers <tails@boum.org> Tue, 08 May 2018 01:47:22 +0200
     
  19. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.7.1 Released
    06/10/2018
    Announcement and further information
    Changes
    Upgrades and changes
    • Upgrade Tor Browser to 7.5.5.

      This fixes a critical issue in Firefox announced on June 6.

    • Upgrade Thunderbird to 52.8.0.

      This partly mitigates the infamous EFAIL attack and fixes importing OpenPGP keys from keyservers with Enigmail.
    Fixed problems
    • Fix setting a screen locker password with non-ASCII characters. (#15636)

    • Rename the WhisperBack launcher to "WhisperBack Error Reporting" so that users have a better chance to understand what it does. (#6432)
    For more details, read our changelog.

    What's coming up?
    Tails 3.8 is scheduled for June 26.
    tails (3.7.1) unstable; urgency=medium

    * Security fixes
    - Upgrade Tor Browser to 7.5.5 (MFSA 2018-14; closes: #15643).
    - Upgrade Thunderbird to 52.8.0 (DSA-4209-1; Closes: #15607).
    - Partially fixes EFAIL.
    - Fixes importing OpenPGP keys from keyservers with Enigmail.
    - Accordingly refresh our Thunderbird AppArmor profile patch.
    - Upgrade cURL to 7.52.1-5+deb9u6 (DSA-4202-1).
    - Upgrade GnuPG (modern) 2.1.18-8~deb9u2 (DSA-4222-1).
    - Upgrade GnuPG (legacy) to 1.4.21-4+deb9u1 (DSA-4223-1).
    - Upgrade Git to 1:2.11.0-3+deb9u3 (DSA-4212-1).
    - Upgrade PackageKit to 1.1.5-2+deb9u1 (DSA-4207-1).
    - Upgrade procps to 2:3.3.12-3+deb9u1 (DSA-4208-1).
    - Upgrade wavpack to 5.0.0-2+deb9u2 (DSA-4197-1).
    - Upgrade wget to 1.18-5+deb9u2 (DSA-4195-1).
    - Upgrade xdg-utils to 1.1.1-1+deb9u1 (DSA-4211-1).

    * Bugfixes
    - Fix setting a screen locker password with non-ASCII characters
    (Closes: #15636).
    - WhisperBack:
    - Rename the WhisperBack launcher to "WhisperBack Error Reporting"
    so that users have a better chance to understand what it does
    (Closes: #6432)
    - Ensure debugging info in Whisperback reports don't contain email
    signature markers so that email clients forward it in full
    (Closes: #15468).
    - Wrap text written by the user to 70 chars (Closes: #11689).

    * Minor improvements
    - The "Tails documentation" desktop launcher now opens /doc instead of
    the aging /getting_started that confused people during user testing
    (Closes: #15575).

    * Test suite
    - Update to match "Tails documentation" behaviour change.

    -- Tails developers <tails@boum.org> Sat, 09 Jun 2018 19:53:51 +0000
     
  20. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    6,566
    Tails 3.8 Released
    06/26/2018
    Announcement and further information
    Changes
    Upgrades and changes
    • Upgrade Enigmail from 1.9.9 to 2.0.7 which fixes some of the EFAIL attacks on OpenPGP.
    Fixed problems
    • Fix importing OpenPGP keys from email attachments. (#15610)

    • Fix the translations of the homepage of the Unsafe Browser. (#15461)
    For more details, read our changelog.

    What's coming up?
    Tails 3.9 is scheduled for September 5.
    tails (3.8) unstable; urgency=medium

    * Security fixes
    - Upgrade Tor Browser to 7.5.6 (MFSA 2018-17; Closes: #15683).
    - Upgrade Enigmail to 2.0.7 (partly fixes #15602 aka. EFAIL).
    - Upgrade libgcrypt to 1.7.6-2+deb9u3 (DSA-4231-1).
    - Upgrade perl to 5.24.1-3+deb9u4 (DSA-4226-1).

    * Bugfixes
    - Thunderbird: fix importing public OpenPGP keys from email attachments
    (Closes: #15610).
    - Make the Unsafe Browser home page translatable again (Closes: #15461).

    * Minor improvements
    - Don't display the "Know your rights" message on Thunderbird first run.
    - Move Thunderbird's default userChrome.css to /etc/thunderbird, just like
    we do for Tor Browser, for easier upgrade handling.

    -- Tails developers <tails@boum.org> Mon, 25 Jun 2018 09:59:22 +0000
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.