English
> Experience has shown that "security through obscurity" does
not work. Public disclosure allows for more rapid and better solutions to
security problems. In that vein, this page addresses Debian's status with
respect to various known security vulnerabilities, which could potentially affect
Debian.
Current security vulnerabilities
[[!inline pages="page(security/*)
and !security/fixed and !security/fixed.* and !security/fixed/*
and !security/audits and !security/audits.* and !security/audits/*
and ! tagged(security/fixed) and currentlang()"
actions=no archive=yes feeds=no show=0 sort="-meta(date) age -path"]]
Fixed security vulnerabilities
<!-- Keep in sync with security/fixed.mdwn -->
[[!inline pages="page(security/*) and tagged(security/fixed) and (currentlang() or security/Numerous_security_holes_in_* or security/known_security_vulnerabilities_in_*)"
actions=no archive=yes feeds=no show=5 sort="-meta(date) age -path"]]
Security audits
[[!inline pages="security/audits" raw="yes"]]
[[!inline pages="page(security/*)
and !security/fixed and !security/fixed.* and !security/fixed/*
and !security/audits and !security/audits.* and !security/audits/*
and currentlang()"
actions=no archive=yes feedonly=yes show=10 sort="-meta(date) age -path"]]
Since Tails is based on Debian, it takes advantage of all the work done by the Debian security team. As quoted from <https://www.debian.org/security/>:
Current holes
[[!inline pages="page(security/*) and ! tagged(security/probable)
and !security/audits and !security/audits.* and !security/audits/*
and ! tagged(security/fixed) and currentlang() and created_after(security/Numerous_security_holes_in_1.2)"
actions=no archive=yes feeds=no show=0 sort="-meta(date) age -path"]]
Probable holes
Until an [[!tails_ticket 5769 desc="audit"]] of the bundled network applications is done, information leakages at the protocol level should be considered as − at the very least − possible.
[[!inline pages="page(security/*) and tagged(security/probable) and currentlang()"
actions=no archive=yes feeds=no show=0 sort="-meta(date) age -path"]]
Fixed holes
**WARNING**: some of these holes may only be fixed in [[Git|contribute/git]].
Please carefully read the "Affected versions" sections below.
Audits
Audits of Tails that we are aware of are collected in [[security/audits]].
[[!meta title="Security"]]