|author||Tails developers <email@example.com>||2011-11-11 15:54:03 +0100|
|committer||Tails developers <firstname.lastname@example.org>||2011-11-11 15:54:03 +0100|
Add announce of 0.9 and security warning against 0.8.1.
2 files changed, 112 insertions, 0 deletions
diff --git a/wiki/src/news/version_0.9.mdwn b/wiki/src/news/version_0.9.mdwn
new file mode 100644
@@ -0,0 +1,89 @@
+[[!meta date="Fri Nov 11 01:23:45 2011"]]
+[[!meta title="Tails 0.9 is out"]]
+The Amnesic Incognito Live System, version 0.9, is out.
+All users must upgrade as soon as possible.
+Notable user-visible changes include:
+ - Upgrade to 0.2.2.34. This fixes CVE-2011-2768 and CVE-2011-2769
+ which prompted for manual updates for users of Tails 0.8.1.
+ - Suppress Tor's warning about applications doing their own DNS
+ lookups. Some users have reported concerns about these warnings,
+ but it should be noted that they are completely harmless inside
+ Tails as its system DNS resolver is Torified.
+* Linux 3.0.0-6, which fixed a great number of bugs and security issues.
+ - Upgrade to 3.5.16-11 ((fixes CVE-2011-3647, CVE-2011-3648,
+ - Torbutton: upgrade to 18.104.22.168-1, including support for the
+ in-browser "New identity" feature.
+ - FireGPG: upgrade to 0.8-1+tails2. Users are notified that the
+ FireGPG Text Editor is the only safe place for performing
+ cryptographic operations, and these operations has been disabled
+ in other places. Performing them outside of the editor opens up
+ when decrypting, signing messages written by the attacker).
+ - Replace CS Lite with Cookie Monster for cookie management. Cookie
+ Monster has an arguably nicer interface, is being actively
+ maintained and is packaged in Debian.
+ - Install [MAT](https://mat.boum.org/), the Metadata Anonymisation
+ Toolkit. Its goal is to remove file metadata which otherwise
+ could leak information about you in the documents and media files
+ you publish. This is the result of a Tails developer's suggestion
+ for GSoC 2011, although it ended up being mentored by The Tor
+ - Upgrade WhisperBack to 1.5~rc1. Users are guided how to send their
+ bug reports through alternative channels upon errors sending
+ them. This will make bug reporting easier when there's no network
+ connection available.
+ - Upgrade TrueCrypt to 7.1.
+ - The date and time setting system was completely reworked. This
+ should prevent time syncing issues that may prevent Tor from
+ working properly, which some users have reported. The new system
+ will not leave a fingerprintable network signature, like the old
+ system did. Previously that signature could be used to identify
+ who is using Tails (but *not* deanonymize them).
+ - Erase memory at shutdown: run many instances of the memory
+ wiper. Due to architectural limitations of i386 a process cannot
+ access all memory at the same time, and hence a single memory wipe
+ instance cannot clear all memory.
+ - Saner keyboard layouts for Arabic and Russian.
+ - Use Plymouth text-only splash screen at boot time.
+Plus the usual bunch of minor bug reports and improvements.
+See the [online
+for technical details.
+# I want to try it / to upgrade!
+See the [[Getting started]] page.
+# Known issue
+The memory erasure on Tails shutdown cannot guarantee that all memory
+in the 2 GB to 4 GB region is wiped. The improvements made in Tails
+0.9 should at least make the situation better than previously.
+# A glimpse towards the future
+Were do we go from here? Have a look to our [[contribute/roadmap]] to
+see where we are heading to.
+Would you want to help? As explained in our [["how to contribute"
+documentation|contribute]], here are many ways **you** can contribute
+to Tails: no need to be a hardcore developer.
diff --git a/wiki/src/security/Numerous_security_holes_in_0.8.1.mdwn b/wiki/src/security/Numerous_security_holes_in_0.8.1.mdwn
new file mode 100644
@@ -0,0 +1,23 @@
+[[!meta date="Fri Nov 11 11:12:13 2011"]]
+[[!meta title="Numerous security holes in Tails 0.8.1"]]
+The following security holes affect Tails 0.8.1.
+We **strongly** urge you to [[upgrade to Tails 0.9|news/version_0.9]]
+as soon as possible in case you are still using an older version.
+These are Debian security announces; details can be found on the
+[Debian security page](http://security.debian.org/):
+ - openssl (DSA-2343)
+ - iceweasel (DSA-2341)
+ - nss (DSA-2339)
+ - ffmpeg (DSA-2336)
+ - tor (DSA-2331)
+ - freetype (DSA-2328)
+ - pam (DSA-2326)