Aug 14 2017 - 5:48pm

Today we are announcing the release of SecureDrop 0.4.2. This is a bugfix release to fix an issue with the AppArmor profile for Apache, which caused the Source and Journalist Interface web applications to fail. The root of the problem was an implicit dependency on upstream AppArmor abstractions from the Tor package, which has been resolved.

Aug 2 2017 - 5:17pm

Today we are announcing the release of SecureDrop 0.4.1. This is a bugfix release to fix an issue with one of the scripts that configures the Tails workstation environment. If you encountered a permissions issue when running securedrop-admin tailsconfig, this release will fix that issue. We have updated our upgrade guide accordingly.

Jul 25 2017 - 1:06pm

Today we are announcing the release of SecureDrop 0.4.

This release:

Jul 11 2017 - 10:32am

The release of the next version of SecureDrop, 0.4, is scheduled for July 25th, 2017. We will send out another notification through this blog on securedrop.org, Twitter, and the support portal when the release goes live.

Mar 20 2017 - 3:08pm

Today we are announcing the release of SecureDrop 0.3.12. This release disables swap functionality on the Application Server, as originally intended by the first-run config used during install time. Instances will upgrade automatically, and any existing swap partitions will be deactivated, scrubbed, and disabled permanently. For full details, see the changelog.

Mar 16 2017 - 5:30pm

We recently discovered that the SecureDrop Application and Monitor servers have swapfiles enabled on production instances. This is not intended behavior, and was identified during the expansion of our automated testing efforts. We intended to disable swap during installation, and discovered that this setting was not persisting across reboots. Since the machines are configured to reboot nightly, to aid in clearing memory, the method currently used is ineffective.

Feb 13 2017 - 4:36pm

Today we are announcing the release of SecureDrop 0.3.11. This release adds some improvements to SecureDrop’s source interface. The most important change is to provide clear instructions for sources to use Tor Browser’s Security Slider at the highest setting. For full details, see the changelog.

Oct 24 2016 - 1:52pm

Today we are announcing the release of SecureDrop 0.3.10. This release adds a new package, securedrop-keyring, to manage the public keys used to verify packages provided by the Freedom of the Press Foundation's apt package server.

Sep 13 2016 - 5:03pm

Today we are announcing the release of SecureDrop 0.3.9. This release fixes several minor issues; for details, see the changelog.

Existing installations should upgrade automatically within the next 24 hours. If you have any questions, or experience difficulties with this upgrade, please create an issue on our support site.

Jun 23 2016 - 6:13pm

Today we are announcing the release of SecureDrop 0.3.8, to fix a regression in 0.3.7 where a dependency of SecureDrop's Python web application was mistakenly removed from the list of dependencies. This regression did not impact already running production instances, but it prevented the successful installation of new SecureDrop 0.3.7 instances. The issue is fixed in 0.3.8 and new installations are working again.

Pages