summaryrefslogtreecommitdiffstats
path: root/wiki/src/security/Numerous_security_holes_in_1.2.2.mdwn
blob: 7880cfe4baf6a717f6156055f86fca0a9fb39e7b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
[[!meta date="Mon Jan 12 00:00:00 2015"]]
[[!meta title="Numerous security holes in Tails 1.2.2"]]

[[!tag security/fixed]]

Several security holes that affect Tails 1.2.2 are now fixed in Tails
1.2.3.

We **strongly** encourage you to [[upgrade to Tails
1.2.3|news/version_1.2.3]] as soon as possible.

Details
=======

 - Tails' MAC spoofing feature may leak the real MAC address
   ([[!tails_ticket 8571]]).
 - The Unsafe Browser checks for an upgrade of the Tor Browser in the
   clear ([[!tails_ticket 8694]]).
 - Tor Browser and its bundled NSS: [[!mfsa2015 01]],
   [[!mfsa2015 03]], [[!mfsa2015 04]], [[!mfsa2015 06]]
 - tcpdump: [[!debsa2014 3086]]
 - linux: [[!debsa2014 3093]]
 - bind9: [[!debsa2014 3094]]
 - xorg-server: [[!debsa2014 3095]]
 - dbus: [[!debsa2014 3099]]
 - libyaml: [[!debsa2014 3102]]
 - libyaml-libyaml-perl: [[!debsa2014 3103]]
 - cpio: [[!debsa2014 3111]]
 - unzip: [[!debsa2014 3113]]
 - mime-support: [[!debsa2014 3114]]
 - libevent: [[!debsa2015 3119]]
 - file: [[!debsa2015 3121]]
 - curl: [[!debsa2015 3122]]
 - binutils: [[!debsa2015 3123]]
 - openssl: [[!debsa2015 3125]]