Since Tails is based on Debian, it takes advantage of all the work done by the Debian security team. As quoted from http://security.debian.org/:

Debian takes security very seriously. We handle all security problems brought to our attention and ensure that they are corrected within a reasonable timeframe. Many advisories are coordinated with other free software vendors and are published the same day a vulnerability is made public and we also have a Security Audit team that reviews the archive looking for new or unfixed security bugs.

Experience has shown that "security through obscurity" does not work. Public disclosure allows for more rapid and better solutions to security problems. In that vein, this page addresses Debian's status with respect to various known security holes, which could potentially affect Debian.

Current holes

Probable holes

Until an audit of the bundled network applications is done, information leakages at the protocol level should be considered as − at the very least − possible.

Fixed holes

WARNING: some of these holes may only be fixed in Git. Please carefully read the "Affected versions" sections bellow.

Numerous security holes in Tails 0.22.1
Posted Sun 16 Mar 2014 12:00:00 AM CET
Numerous security holes in Tails 0.22
Posted Sat 01 Feb 2014 12:00:00 AM CET
Numerous security holes in Tails 0.21
Posted Fri 29 Nov 2013 12:00:00 AM CET
Numerous security holes in Tails 0.20.1
Posted Fri 25 Oct 2013 12:00:00 AM CEST
Numerous security holes in Tails 0.20
Posted Sat 14 Sep 2013 12:00:00 AM CEST
Numerous security holes in Tails 0.19
Posted Mon 05 Aug 2013 12:00:00 AM CEST
Numerous security holes in Tails 0.18
Posted Sat 22 Jun 2013 12:00:00 AM CEST
Numerous security holes in Tails 0.17.2
Posted Tue 14 May 2013 12:00:00 AM CEST
Numerous security holes in Tails 0.17.1
Posted Sat 06 Apr 2013 12:00:00 AM CEST
Numerous security holes in Tails 0.17
Posted Wed 20 Mar 2013 12:00:00 AM CET
Numerous security holes in Tails 0.16
Posted Fri 22 Feb 2013 12:00:00 AM CET
Numerous security holes in Tails 0.15
Posted Tue 08 Jan 2013 12:00:00 AM CET
Numerous security holes in Tails 0.14
Posted Sun 25 Nov 2012 12:00:00 AM CET
Numerous security holes in Tails 0.13
Posted Thu 08 Nov 2012 12:00:00 AM CET
Numerous security holes in Tails 0.12.1
Posted Sun 16 Sep 2012 12:00:00 AM CEST
Numerous security holes in Tails 0.11
Posted Mon 11 Jun 2012 12:00:00 AM CEST
Numerous security holes in Tails 0.10.2
Posted Sun 22 Apr 2012 12:00:00 AM CEST
Numerous security holes in Tails 0.10.1
Posted Thu 01 Mar 2012 12:00:00 AM CET
Numerous security holes in Tails 0.10
Posted Fri 27 Jan 2012 12:00:00 AM CET
Numerous security holes in Tails 0.9
Posted Sun 01 Jan 2012 12:00:00 AM CET
Numerous security holes in Tails 0.8.1
Posted Thu 10 Nov 2011 12:00:00 AM CET
Numerous security holes in Tails 0.8
Posted Fri 14 Oct 2011 11:12:13 AM CEST
Numerous security holes in Tails 0.7.2
Posted Wed 14 Sep 2011 11:12:13 AM CEST
Numerous security holes in Tails 0.7.1
Posted Fri 10 Jun 2011 11:12:13 AM CEST
Numerous security holes in Tails 0.7
Posted Thu 28 Apr 2011 11:12:13 AM CEST
Numerous security holes in Tails 0.6.2
Posted Mon 04 Apr 2011 11:12:13 AM CEST
Numerous security holes in T(A)ILS 0.6.1
Posted Mon 17 Jan 2011 11:12:13 AM CET
Numerous security holes in T(A)ILS 0.6
Posted Wed 22 Dec 2010 11:12:13 AM CET
Numerous security holes in T(A)ILS 0.5
Posted Sun 17 Oct 2010 11:12:13 AM CEST
Iceweasel exposes a rare User-Agent
Posted Fri 03 Sep 2010 01:15:14 AM CEST
Numerous security holes in previous amnesia versions
Posted Sun 25 Apr 2010 11:12:13 AM CEST
Icedove (Thunderbird) leaks the real IP address
Posted Mon 07 Dec 2009 11:20:24 AM CET
Use of cleartext swap partitions on local hard disks
Posted Sun 22 Nov 2009 11:20:24 AM CET
Ineffective firewall-level Tor enforcement
Posted Sun 22 Nov 2009 11:20:24 AM CET

Audits

Audits of Tails that we are aware of are collected in audits.