Tails 4.4 arrives with Tor 9.0.6, updates, fixes and more

Some days ago the release of the new version of the popular Linux distribution that provides Anonymous network access "Tails 4.4". This new version of the distribution comes with a purely package update version and to implement solutions to some bugs found in the previous version.

Tails 4.4 It is released one month after the release of the previous Tails 4.3 version and in this new version the update of the Tor web browser to version 9.0.6 stands out.

For those who still do not know this Linux distribution, I can tell you something about it. Tails is a Linux distribution is based on Debian, but it stands out from the other distributions that take Debian as a base since what makes it special is that it forces all the outgoing connections from it to the Tor network so is an excellent option to preserve privacy.

What's new in Tails 4.4?

In this new release of the distribution the inclusion of the new version of the Tor browser is highlighted which has been updated to version 9.0.6 which is synchronized with the Firefox 68.6.0 ESR code base.

With it too NoScript 11.0.15 is updated, with which in this version loading built into the CSS was prohibited in more secure mode. The developers also warned of a remaining uncorrected bug, which made it possible to start the JavaScript code in the "most secure" protection mode.

The problem has not yet been resolved, so for those for whom the prohibition of JavaScript execution is important, It is recommended for a while in about: config to completely ban the use of JavaScript in the browser by changing the javascript.enabled parameter in about: config.

Judging by the changes in the next version of NoScript 11.0.18, the problem is not resolved either. Tor Browser includes an automatic NoScript update, so after the patch appears, it will be delivered automatically.

It is also important to mention that despite the fact that the new version of Tails 4.4 was released several days ago, when running the package update command, Tor will receive updates important of which two vulnerabilities are fixed:

  • CVE-2020-10592: any attacker can use it to initiate a denial of service relay. Tor directory servers can also perform an attack to attack hidden clients and services. The attacker can create conditions that lead to excessive CPU load, disrupting normal operation for several seconds or minutes (repeating the attack can stretch DoS for a long time). The problem has been apparent since the release of 0.2.1.5-alpha.
  • CVE-2020-10593: it is a remotely triggered memory leak that occurs when double-match circuit padding for the same string.

Moreover it is highlighted that the Linux kernel is updated to version 5.4.19, Thunderbird 68.5.0, cURL 7.64.0, evince 3.30.2, Pillow 5.4.1, WebKitGTK 2.26.4, virtualbox 6.1.4.

Another change that stands out is that missing firmware was added for wireless cards based on Realtek RTL8822BE / RTL8822CE chips.

Download Tails 4.4

Si you want to try or install this new version of this Linux distribution on your computer, You can obtain the image of the system which is already available from its official website in its download section, link is this.

The image obtained from the download section is a 1,1 GB ISO image capable of working in live mode.

How to update to the new version of Tails 4.4?

For those users who have an older version of Tails installed and want to upgrade to this new version. You should know that the direct upgrade to Tails 4.4 can be done directly from any version of Tails 4.x.

While for users who are still in the 3.xxx branch, they must first go to version 4.0 (although it would be advisable to perform a clean installation of Tails 4.3). For this they can make use of their USB device that they used to install Tails, they can consult the information to carry this movement on their computer In the following link. 


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.