Tails 4.2 Fixes Numerous Security Flaws, Improves Direct Upgrades

Posted by & filed under Security News.

The Tails Project released a new version of the security-focused Tails Linux distribution and advises users to upgrade as soon as possible to fix multiple security vulnerabilities impacting the previous Tails 4.1.1 version.

Tails (short for The Amnesic Incognito Live System) is a Linux distro focused on guarding its users’ anonymity and help them circumvent censorship by forcing all Internet connections through the Tor network.

The new Tails 4.2 version also comes with important improvements to its automatic upgrade feature, new command-line tools for SecureDrop users “to analyze the metadata of leaked documents on computers that cannot use the Additional Software feature”, and some additional updates.

Patched security vulnerabilities

Tails 4.2 fixes a long list of security issues affecting multiple components and all users are recommended to upgrade to this new release as soon as possible.

The security vulnerabilities patched in today’s release are linked below:

Automatic upgrades to Tails 4.2 are available from the 4.0, 4.1, and 4.1.1 versions, but you should manually upgrade using the following guides “if you cannot do an automatic upgrade or if the system fails to start afterward.

To manually upgrade you can use these guides, provided by the Tails team:

Automatic upgrades improvements

The Tails Project enhanced the automatic upgrade feature with the release of Tails 4.2. From now on, you can upgrade from all previous versions to the latest version.

“Until now, if your version of Tails was several months old, you sometimes had to do 2 or more automatic upgrades in a row,” the dev team says. “For example, to upgrade from Tails 3.12 to Tails 3.16, you first had to upgrade to Tails 3.14.”

In addition, you will only have to do manual upgrades between major Tails versions as is the case when you’ll have to upgrade to Tails 5.0 after its next year’s release.

“Until now, you could only do a limited number of automatic upgrades, after which you had to do a much more complicated ‘manual’ upgrade,” the developers add.

As a bonus, automatic upgrades now also use less memory and the download sizes have been optimized to make it faster to get updates.

Tails 4.2 also updates the Tor Browser to 9.0.3, the Thunderbird email client to 68.3.0, and the Linux kernel to the 5.3.15 version released on December 5, 2019.

According to the development team, the Tails 4.3 version is scheduled for release on February 11 and it should be a bugfix release.

 

The information contained in this website is for general information purposes only. The information is gathered from Bleeping Computer, while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.  Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.