summaryrefslogtreecommitdiffstats
path: root/wiki/src/news/version_2.9.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'wiki/src/news/version_2.9.mdwn')
-rw-r--r--wiki/src/news/version_2.9.mdwn42
1 files changed, 42 insertions, 0 deletions
diff --git a/wiki/src/news/version_2.9.mdwn b/wiki/src/news/version_2.9.mdwn
index 4c54455..acb0174 100644
--- a/wiki/src/news/version_2.9.mdwn
+++ b/wiki/src/news/version_2.9.mdwn
@@ -6,6 +6,48 @@ This release fixes [[many security
issues|security/Numerous_security_holes_in_2.7.1]] and users should
upgrade as soon as possible.
+<div class="caution">
+
+<p>
+<strong>
+Tails 2.9 is affected by a serious security flaw!
+</strong>
+</p>
+
+<p>
+Right before we were about to release Tails 2.9 we learned about
+<a href='https://security-tracker.debian.org/tracker/CVE-2016-1252'>CVE-2016-1252</a>
+which is a critical security issue in APT, the package management
+system used by Tails, Debian, Ubuntu and others. Tails 2.9 is
+affected by this security issue.
+</p>
+
+<p>
+To remain safe while using Tails 2.9, please:
+</p>
+
+<ul>
+<li>
+do not use the <i>Synaptic</i> package manager.
+</li>
+<li>
+do not use the <tt>apt-get</tt> or <tt>apt</tt> commands in the terminal.
+</li>
+<li>
+do not use Tails' <i>Additional software packages</i> feature
+(<tt>live-additional-software.conf</tt>).
+</li>
+</ul>
+
+<p>
+Tails 2.9.1 will be released in the next few days and will contain a
+fix for this issue.
+</p>
+
+</div>
+
+
+
[[!toc levels=1]]
# Changes