We are annoucing the release of SecureDrop 0.5.2. The important changes in this release are summarized below:
- Updates Tor to 0.3.2.9-1~trusty+1 on all SecureDrop servers
- Resolves a bug in the registration of OSSEC agents during securedrop-admin-install
For full details, see the changelog. Development for this releasw as tracked in the 0.5.2 milestone on GitHub.
What Administrators Need To Do
The update will be automatic on the Application and Monitor Servers. This release does not require you to run securedrop-admin again from the Admin Workstation.
All administrator and journalist drives should be upgraded to Tails 3.5 as it contains multiple security fixes, including further Spectre mitigations.
For administrators that have been experiencing OSSEC issues due a failure of the application server agent to register with the OSSEC server, you can do the following from your Admin Workstation (note: if you would like to edit OSSEC-related system configuration settings, please read this documentation on updating system config):
cd ~/Persistent/securedrop git fetch --tags git checkout 0.5.2 gpg --refresh-keys git tag -v 0.5.2 # Output should include "Good Signature" ./securedrop-admin setup ./securedrop-admin install
If you have issues with this procedure, please report them to us via the support area of the SecureDrop community forum or the Freedom of the Press Foundation SecureDrop support portal.