News

Release Announcement

SecureDrop 2.1.0 Released

We’re pleased to announce that SecureDrop 2.1.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub.What’s new in SecureDrop 2.1.0?For sourcesAccessibility: The Source Interface now uses more standards-compliant semantic HTML and … Read More

Pre-Release Announcement

SecureDrop 2.1.0: Pre-Release Announcement

The release of the next version of SecureDrop, 2.1.0, is scheduled for October 19, 2021. We will send out another notification through this blog, Twitter, Mastodon, and the support portal when the release is live. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub. Read More

Release Announcement

SecureDrop 2.0.2 Released

We’re pleased to announce that SecureDrop 2.0.2 has been released. This is a maintenance release that updates the Linux kernel on your SecureDrop servers. Read More

Release Announcement

SecureDrop 2.0.1 Released

We’re pleased to announce that SecureDrop 2.0.1 has been released. This is a maintenance release that updates dependencies and signs the SecureDrop release tag with our updated signing key. A complete list of changes can be found on Github.What’s new in SecureDrop 2.0.1?For developersMaintenance: The SecureDrop release tag is now … Read More

Interest Article

Why we are rotating the SecureDrop release key

SecureDrop releases are digitally signed using a release key. This allows anyone to verify the integrity of a SecureDrop release, to mitigate the risk of tampering by third parties. After nearly 5 years in use, as a purely precautionary measure, we are rotating the release key. Read More

Release Announcement

SecureDrop 2.0.0 Released

We’re pleased to announce that SecureDrop 2.0.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub.Important: All Tails Workstations should run the SecureDrop graphical updater before June 29, 2021, to ensure … Read More

Pre-Release Announcement

SecureDrop 2.0.0: Pre-Release Announcement

The release of the next version of SecureDrop, 2.0.0, is scheduled for June 22, 2021. We will send out another notification through this blog, Twitter, Mastodon, and the support portal when the release is live. Changes that journalists and administrators should be aware of are summarized in this blog post. … Read More

Security Advisory

Security Advisory: Cross-site request forgery vulnerability on Journalist Interface test alert form

On May 10, 2021, the Tenable team informed us of a CSRF vulnerability on SecureDrop’s Journalist Interface. Details are now available on their advisories page. Read More