We are pleased to announce the release of SecureDrop 0.11.0. This release includes a fix for a low-severity security regression concerning SSH logins, a kernel update, user interface improvements, a new version of Tor, a new version of Ansible, and more. A complete list of changes can be found on GitHub.
What’s new in SecureDrop 0.11.0?
For sources
- User interface change: The “screensaver” feature on the source interface that hides screen contents after 2 minutes of inactivity has been removed, due to its potential to cause confusion with limited benefit. (Issue, Pull Request)
- User interface change: The hard disk drive platter icon used to represent the action of uploading files to SecureDrop has been replaced with a more common cloud upload icon. (Issue, Pull Request)
- User interface change: The Tor icon used to explain the use of the security slider has been updated to be consistent with the icon used in the latest version of the Tor browser. (Issue, Pull Request)
For administrators
- Bugfix: You can now change your OSSEC public key after the initial install. Due to a bug, attempting to apply the change by running ./securedrop-admin install previously failed with a permission error. (Issue, Pull Request)
- Security / regression: When two-factor authentication for console logins was removed in SecureDrop 0.8.0, password authentication had not been explicitly disabled for SSH logins; this release disables it. By default, SSH access also requires a Tor ATHS token. If SSH access over the local network is enabled instead, reaching the servers over SSH requires physical access to that network if your deployment uses the recommended hardware firewall configuration. It is therefore unlikely that an attacker was able to exploit this configuration error. (Issue, Pull Request)
- Kernel upgrade / security: The Linux kernel on SecureDrop servers has been upgraded from version 4.4.144 to version 4.4.162. This upgrade includes L1TF and Spectre v4 mitigations and addresses other local privilege escalation vulnerabilities; these vulnerabilities can only be exploited by users who have the ability to execute code on the SecureDrop servers. (Issue, Pull Request)
- Kernel removal: As previously announced, the 3.14.x series kernel, which has reached end-of-life, has been completely removed from SecureDrop servers. (Issue, Pull Request)
- New language: SecureDrop is now available in Greek. You can enable Greek or any other supported language by following our documentation.
- User interface change: The “Add user” screen in the admin interface now indicates that usernames are case-sensitive, and that they may contain spaces. (Issue, Pull Request)
- Upgrade: Tor has been upgraded from version 0.3.3.9 to version 0.3.4.9 on the Application and Monitor Servers. See the Tor changelog for details. (Issue)
- Dependency upgrade / security: As a precaution, this release has updated Ansible from version 2.4.2 to version 2.6.8. Ansible is used for installing SecureDrop and for applying configuration changes. The previously installed version of Ansible contains a known security vulnerability which does not directly impact SecureDrop. (Issue, Pull Request)
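The SSH regression noted above comes down to a default: OpenSSH accepts password logins unless sshd_config explicitly says otherwise, so removing the console 2FA layer without adding that line left password authentication reachable. The following shell script is an added example, not SecureDrop's own code, that audits an sshd_config-style file for the two directives involved and contrasts a constructed "before" file, which silently inherits the default, with the hardened form. The sample file contents are constructed for the demonstration, and the script assumes OpenSSH's first-occurrence-wins handling of directives and its default of "yes" for both options when they are absent.

```shell
#!/bin/sh
# Added example, not SecureDrop project code: audit an OpenSSH sshd_config
# for the two directives that decide whether a password can log a user in.
# OpenSSH defaults both to "yes" when the directive is absent, which is how a
# server ends up accepting passwords without any line saying so.
# Limitation: Match blocks are not evaluated; on a live host compare with
# `sshd -T`, which prints the effective configuration.

# effective_option NAME FILE DEFAULT
# sshd honours the first occurrence of a directive, so take the first match
# (directive names are case-insensitive in sshd_config).
effective_option() {
    val=$(grep -i "^[[:space:]]*$1[[:space:]]" "$2" | head -n 1 \
          | awk '{ print tolower($2) }')
    printf '%s\n' "${val:-$3}"
}

# sshd_password_auth_disabled FILE
# Prints the effective values and returns 0 only when both password and
# keyboard-interactive (challenge-response) authentication are off.
sshd_password_auth_disabled() {
    pw=$(effective_option PasswordAuthentication "$1" yes)
    cr=$(effective_option ChallengeResponseAuthentication "$1" yes)
    echo "$1: PasswordAuthentication=$pw ChallengeResponseAuthentication=$cr"
    [ "$pw" = no ] && [ "$cr" = no ]
}

# Constructed sample configs for the demonstration (not real server files).
# BEFORE_CFG mirrors the regression: key auth is on, but nothing turns
# password auth off, so the OpenSSH default "yes" applies.
BEFORE_CFG=$(mktemp)
cat > "$BEFORE_CFG" <<'EOF'
Port 22
PubkeyAuthentication yes
PermitRootLogin no
EOF

# AFTER_CFG is the hardened form: both directives set explicitly.
AFTER_CFG=$(mktemp)
cat > "$AFTER_CFG" <<'EOF'
Port 22
PubkeyAuthentication yes
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
EOF

if sshd_password_auth_disabled "$BEFORE_CFG"; then
    echo "before: password logins disabled"
else
    echo "before: password logins still POSSIBLE (the regression)"
fi
if sshd_password_auth_disabled "$AFTER_CFG"; then
    echo "after: password logins disabled"
fi

rm -f "$BEFORE_CFG" "$AFTER_CFG"
```

On a running server the authoritative check is `sshd -T | grep -i -e passwordauthentication -e challengeresponseauthentication`, which resolves defaults and Match blocks for you. On OpenSSH 8.7 and later the keyboard-interactive directive is named KbdInteractiveAuthentication, with ChallengeResponseAuthentication kept as an alias, so a file written for a newer release may need the additional name added to the audit.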
For developers
- Journalist Interface API behavior change: Posting a reply through the API now returns the UUID of the newly created reply. (Issue, Pull Request)
- Journalist Interface API bugfix: The filenames of replies in API responses no longer include the full path to the reply on the server filesystem. (Issue, Pull Request)
What administrators need to do
SecureDrop Application and Monitor Server code will be updated automatically. Please see the upgrade guide from SecureDrop 0.10.0 to SecureDrop 0.11.0 for information about updating your workstations and troubleshooting recommendations in case of kernel issues.
Acknowledgments
This release was made possible thanks to volunteer code and documentation contributions by Allie Crevier, heartsucker, Jaysinh Shukla, Katie Vinton, Michael Rose, and Robbie Mackay.
The translations for all supported languages were updated thanks to the work of many volunteers:
- Arabic: Ramy Raoof
- Chinese: Chi-Hsun Tsai
- Dutch: Nick Bouwhuis
- French: AO
- German: Ettore Atalan
- Greek (new): Dimitris Maroulidis, boublis, A. Nonymous, pierwill, Adrian, Loic Dachary
- Hindi: Chandan Kumar
- Italian: Claudio Arseni
- Norwegian: Øyvind Bye Skille, Allan Nordhøy
- Portuguese: communiaa
- Russian: Andrey, Adham Kurbanov
- Spanish: Adolfo Jayme-Barrientos, Zuhualime Akoochimoya
- Swedish: Jonas Franzén, Allan Nordhøy
- Turkish: A. Nonymous, Kaya Zeren
Kushal Das acted as the internationalization coordinator for this release.
Thanks to Erin M. from Localization Lab for going above and beyond in providing review and support for the localization of this release.
Questions and comments
If you have questions or comments regarding this release, please don't hesitate to reach out:
- Via our Support Portal, if you are a member (membership is approved on a case-by-case basis);
- Via securedrop@freedom.press (GPG encrypted) for sensitive security issues (please use judiciously);
- Via our community forums.
We also encourage you to file non-sensitive issues you encounter in our GitHub repository (issue report form).
Thank you for using SecureDrop!