We’re pleased to announce that SecureDrop 2.3.1 has been released. This is a bugfix release for performance and localization issues. A complete list of changes can be found on GitHub.

What’s new in SecureDrop 2.3.1?

For sources

• Bugfix: On servers with many sources, GPG key operations no longer slow down to the point of potentially causing timeout issues on the Source Interface. This was due to intermittent checks of GPG’s trust database, a feature not used by SecureDrop. (Issue, Pull Request)
• Bugfix: Changing the user interface language on the codename page of the Source Interface no longer results in an error message, fixing a regression introduced in the previous release. (Issue, Pull Request)

What administrators need to do

SecureDrop Application and Monitor Servers will be updated to SecureDrop 2.3.1 automatically within 24 hours of the release. As with previous releases, we recommend that you update your Tails workstations to the latest version of Tails and the latest version of SecureDrop. Please see our upgrade guide for instructions.

Questions and comments

If you have questions or comments regarding this release, please contact us:

• Via our Support Portal, if you are a member (membership is available to SecureDrop administrators on request);
• Via securedrop@freedom.press (GPG encrypted) for sensitive security issues (please use judiciously);
• Via our community forums.

We also encourage you to file non-sensitive issues you encounter in our GitHub repository (issue report form).

Thank you for using SecureDrop!