Tails, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues and all users must upgrade as soon as possible.

We prepared this release mainly to fix a serious flaw in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site.

Changes

Notable user-visible changes include:

  • Security fixes
    • Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
    • Install Linux 3.16-1
    • Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog for technical details.

Known issues

  • The version of tor shipped in Tails 1.1.2 really is 0.2.4.24, not 0.2.4.21 as reported in the logs and by tor --version. The reason is that the package was built with outdated files generated by autogen.sh, but this only affects the reported version, not the code.

  • Longstanding known issues.

I want to try it or to upgrade!

Go to the install page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for October 14.

Have a look to our roadmap to see where we are heading to.

Do you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!