Today we are announcing the release of SecureDrop 0.3.7. The important changes in this release are:
- It is now possible for SecureDrop administrators and journalists to upgrade their Tails USBs to the latest version of Tails (2.x). We strongly encourage SecureDrop administrators and journalists to upgrade to Tails 2.x as soon as possible. The process for doing so is documented in detail here.
- The backup and restore procedures for SecureDrop instances have been made faster, more convenient, and less error-prone. They are documented here.
- SecureDrop's new ReadTheDocs-based documentation has been backported from the development branch to 0.3.7. This automatically creates two versions of the documentation on ReadTheDocs: one for the stable release, which should be used by end users (sources, journalists, and administrators), and one for the development branch, which should be used by developers.
- SecureDrop's Python dependencies have been upgraded to their latest versions. There was no pressing need to do this (e.g. a known security vulnerability in one of the dependencies), but we did so because keeping all dependencies up to date is best practice.
The server-side components of this release are provided by the Debian packages hosted on the FPF package server, and all SecureDrop instances will receive these upgrades automatically. The client-side components of the release (Tails 2.x upgrade, improved backup and restore role) are optional, but if you wish to take advanatage of these improvements, you will need to upgrade your local copy of SecureDrop. The process for doing so is documented here.
If you have any questions, or experience difficulties with this upgrade, please open an issue on our support site.
Development for this release was tracked on the 0.3.7 milestone on GitHub.