Add Tails 1.2 release announcement and Tails 1.1.2 security advisory.

9397bc8d · Tails developers · 6d5f66c2 · 9397bc8d · 9397bc8d
Commit 9397bc8d authored Oct 15, 2014 by Tails developers
--- a/wiki/src/news/version_1.2.mdwn
+++ b/wiki/src/news/version_1.2.mdwn
+[[!meta date="Thu Oct 16 12:34:56 2014"]]
+[[!meta title="Tails 1.2 is out"]]
+[[!tag announce]]
+
+Tails, The Amnesic Incognito Live System, version 1.2, is out.
+
+This release fixes [[numerous security
+issues|security/Numerous_security_holes_in_1.1.2]] and all users must
+[[upgrade|doc/first_steps/upgrade]] as soon as possible.
+
+[[!toc levels=1]]
+
+# Changes
+
+Notable user-visible changes include:
+
+  * Major new features
+    - Install (most of) the Tor Browser, replacing our previous
+      Iceweasel-based browser. The version installed is from TBB 4.0
+      and is based on Firefox 31.2.1esr.
+    - Upgrade Tor to 0.2.5.8-rc.
+    - Confine several important applications with AppArmor.
+
+  * Bugfixes
+    - Install Linux 3.16-3 (that is 3.16.5-1) from Debian unstable.
+
+  * Minor improvements
+    - Upgrade I2P to 0.9.15, and isolate I2P traffic from the Tor
+      Browser by adding a dedicated I2P Browser. Also, start I2P
+      automatically upon network connection, when `i2p` is present on
+      the kernel command line.
+    - Make it clear that TrueCrypt will be removed in Tails 1.2.1
+      ([[!tails_ticket 7739]]).
+    - Enable VirtualBox guest additions by default ([[!tails_ticket
+      5730]]). In particular this enables VirtualBox's display
+      management service.
+    - Make the OTR status in Pidgin clearer thanks to the formatting
+      toolbar ([[!tails_ticket 7356]]).
+    - Upgrade syslinux to 6.03-pre20, which should fix UEFI boot on
+      some hardware.
+
+See the [online
+Changelog](https://git-tails.immerda.ch/tails/plain/debian/changelog)
+for technical details.
+
+# Known issues
+
+* [[Longstanding|support/known_issues]] known issues.
+
+# I want to try it or to upgrade!
+
+Go to the [[download]] page.
+
+As no software is ever perfect, we maintain a list of [[problems
+that affects the last release of Tails|support/known_issues]].
+
+# What's coming up?
+
+The next Tails release is [[scheduled|contribute/calendar]] for
+November 25.
+
+Have a look to our [[!tails_roadmap]] to see where we are heading to.
+
+Do you want to help? There are many ways [[**you** can
+contribute to Tails|contribute]]. If you want to help, come talk
+to us!
--- a/wiki/src/security/Numerous_security_holes_in_1.1.2.mdwn
+++ b/wiki/src/security/Numerous_security_holes_in_1.1.2.mdwn
+[[!meta date=Tue Oct 14 00:00:00 2014"]]
+[[!meta title="Numerous security holes in Tails 1.1.2"]]
+
+[[!tag security/fixed]]
+
+Several security holes that affect Tails 1.1.2 are now fixed in Tails 1.2.
+
+We **strongly** encourage you to [[upgrade to Tails
+1.2|news/version_1.2]] as soon as possible.
+
+Details
+=======
+
+ - Tor Browser and its bundled NSS: [[!mfsa2014 74]],
+   [[!mfsa2014 75]], [[!mfsa2014 76]], [[!mfsa2014 77]],
+   [[!mfsa2014 79]], [[!mfsa2014 81]] and [[!mfsa2014 82]]
+ - nss: [[!debsa2014 3033]] (CVE-2014-1568)
+ - bash: [[!debsa2014 3035]] (CVE-2014-7169)
+ - rsyslog: [[!debsa2014 3040]] (CVE-2014-3634) and
+   [[!debsa2014 3047]] (CVE-2014-3683)
+ - apt: [[!debsa2014 3047]] (CVE-2014-7206