Discussion in 'Linux' started by DNT, Apr 29, 2014.
Nothing new, I guess.
Tails, The Amnesic Incognito Live System, version 1.1, is out.
All users must upgrade as soon as possible: this release fixes numerous security issues.
Notable user-visible changes include:
Rebase on Debian Wheezy
Upgrade literally thousands of packages.
Migrate to GNOME3 fallback mode.
Install LibreOffice instead of OpenOffice.
Major new features
UEFI boot support, which should make Tails boot on modern hardware and Mac computers.
Replace the Windows XP camouflage with a Windows 8 camouflage.
Bring back VirtualBox guest modules, installed from Wheezy backports. Full functionality is only available when using the 32-bit kernel.
Fix write access to boot medium via udisks (ticket #6172).
Upgrade the web browser to 24.7.0esr-0+tails1~bpo70+1 (Firefox 24.7.0esr + Iceweasel patches + Torbrowser patches).
Upgrade to Linux 3.14.12-1 (fixes CVE-2014-4699).
Make persistent file permissions safer (ticket #7443).
Fix quick search in Tails Greeter's Other languages window (Closes: ticket #5387)
Don't install Gobby 0.4 anymore. Gobby 0.5 has been available in Debian since Squeeze, now is a good time to drop the obsolete 0.4 implementation.
Require a bit less free memory before checking for upgrades with Tails Upgrader. The general goal is to avoid displaying "Not enough memory available to check for upgrades" too often due to over-cautious memory requirements checked in the wrapper.
Whisperback now sanitizes attached logs better with respect to DMI data, IPv6 addresses, and serial numbers (ticket #6797, ticket #6798, ticket #6804).
Install the BookletImposer PDF imposition toolkit.
See the online Changelog for technical details.
Users of persistence must log in at least once with persistence enabled read-write after upgrading to 1.1 to see their settings updated.
Upgrading from ISO, from Tails 1.1~rc1, Tails 1.0.1 or earlier, is a bit more complicated than usual. Either follow the instructions to upgrade from ISO. Or, burn a DVD, start Tails from it, and use "Clone and Upgrade".
The automatic upgrade from Tails 1.1~rc1 is a bit more complicated than usual. Either follow the instructions to apply the automatic upgrade. Or, do a full upgrade.
A persistent volume created with Tails 1.1~beta1 cannot be used with Tails 1.1 or later. Worse, trying this may freeze Tails Greeter.
Tails 1.1 does not start in some virtualization environments, such as QEMU 0.11.1 and VirtualBox 4.2. This can be corrected by upgrading to QEMU 1.0 or VirtualBox 4.3, or newer (ticket #7232).
Longstanding known issues.
A security hole affects I2P 0.9.13, that is part of Tails 1.1 and earlier.
If you are using I2P in Tails 1.1 and earlier, an attacker can de-anonymize you.
To be able to conduct this attack the attacker must be able to affect the content of a website that you are visiting using the Tor Browser in Tails and the attacker must find out how to exploit this security hole.
Tails does not start I2P by default.
You can protect yourself from this security hole until it is corrected.
Do not start I2P in Tails 1.1 and earlier. You can protect yourself further by removing the i2p package every time you start Tails:
Set an administration password.
Run this command in a Root Terminal:
apt-get purge i2p
apt-get purge i2p
Tails 1.1.1 released
Separate names with a comma.