News

Release Announcement

SecureDrop 2.0.2 Released

We’re pleased to announce that SecureDrop 2.0.2 has been released. This is a maintenance release that updates the Linux kernel on your SecureDrop servers. Read More

Aug 12 2021, 3:00 PM
Read More
Release Announcement

SecureDrop 2.0.1 Released

We’re pleased to announce that SecureDrop 2.0.1 has been released. This is a maintenance release that updates dependencies and signs the SecureDrop release tag with our updated signing key. A complete list of changes can be found on Github.What’s new in SecureDrop 2.0.1?For developersMaintenance: The SecureDrop release tag is now … Read More

Jul 8 2021, 7:00 PM
Read More
Interest Article

Why we are rotating the SecureDrop release key

SecureDrop releases are digitally signed using a release key. This allows anyone to verify the integrity of a SecureDrop release, to mitigate the risk of tampering by third parties. After nearly 5 years in use, as a purely precautionary measure, we are rotating the release key. Read More

Jun 28 2021, 3:00 PM
Read More
Release Announcement

SecureDrop 2.0.0 Released

We’re pleased to announce that SecureDrop 2.0.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub.Important: All Tails Workstations should run the SecureDrop graphical updater before June 29, 2021, to ensure … Read More

Jun 23 2021, 7:00 PM
Read More
Pre-Release Announcement

SecureDrop 2.0.0: Pre-Release Announcement

The release of the next version of SecureDrop, 2.0.0, is scheduled for June 22, 2021. We will send out another notification through this blog, Twitter, Mastodon, and the support portal when the release is live. Changes that journalists and administrators should be aware of are summarized in this blog post. … Read More

Jun 15 2021, 7:00 PM
Read More
Security Advisory

Security Advisory: Cross-site request forgery vulnerability on Journalist Interface test alert form

On May 10, 2021, the Tenable team informed us of a CSRF vulnerability on SecureDrop’s Journalist Interface. Details are now available on their advisories page. Read More

May 19 2021, 1:00 PM
Read More
Release Announcement

SecureDrop 1.8.2 Released

We’re pleased to announce that SecureDrop 1.8.2 has been released. This is a bugfix release only issued for servers running Ubuntu 20.04. A complete list of changes can be found on GitHub. Read More

May 18 2021, 3:00 PM
Read More
Release Announcement

SecureDrop 1.8.1 Released

We’re pleased to announce that SecureDrop 1.8.1 has been released. This is a bugfix release to provide a smoother migration experience from Ubuntu 16.04 (Xenial) to Ubuntu 20.04 (Focal). A complete list of changes can be found on GitHub. Read More

Apr 14 2021, 1:00 PM
Read More