Tails/wiki/src/news/audit_by_ROS_2024.*.po — Chinese (zh) @ Tails translation platform

Exit Zen

1
	English type: Plain text [[!meta title="Security audit of automatic upgrades and recent changes"]]
	Chinese (zh) 0/740 · 74 Needs editing
2
	English type: Plain text [[!meta date="Fri, 16 May 2025 17:39:24 +0000"]]
	Chinese (zh) 0/490 · 49 Needs editing
3
	English type: Plain text [[!pagetemplate template="news.tmpl"]]
	Chinese (zh) 0/390 · 39 Needs editing
4
	English type: Plain text [[!tag announce]]
	Chinese (zh) 0/180 · 18 Needs editing
5
	English type: Plain text [[!tag security/audit]]
	Chinese (zh) 0/240 · 24 Needs editing
6
	English type: Plain text Late 2024, [Radically Open Security](https://www.radicallyopensecurity.com/) conducted another security audit of critical parts of Tails.
	Chinese (zh) 0/1370 · 137 Needs editing
7
	English type: Plain text To better protect our users, we addressed the security vulnerabilities as soon as they were discovered and reported to us, without waiting for the audit to be complete and public.
	Chinese (zh) 0/1790 · 179 Needs editing
8
	English type: Plain text We can now share with you the [final report](https://gitlab.tails.boum.org/-/project/103/uploads/56c89755aa84636e900094ed23e0919f/report_tails-1.pdf).
	Chinese (zh) 0/1500 · 150 Needs editing
9
	English type: Plain text The auditors concluded that:
	Chinese (zh) 0/280 · 28 Needs editing
10
	English type: Plain text > The Tails operating system leaves a strong security impression, addressing > most anonymity-related concerns. We did not find any remote code execution > vulnerabilities, and all identified issues required a compromised > low-privileged `amnesia` user – the default user in Tails. > > Looking back at the [[previous audit\|audit_by_ROS]], we can see the Tails > developers have made significant progress, demonstrating expertise and a > serious commitment to security.
	Chinese (zh) 0/4760 · 476 Needs editing
11
	English type: Title # Findings
	Chinese (zh) 0/100 · 8 Needs editing
12
	English type: Plain text The auditors did not identify any vulnerability in:
	Chinese (zh) 0/510 · 51 Needs editing
13
	English type: Bullet: '- ' The creation of the Persistent Storage with LUKS2, introduced in [[Tails 5.14\|version_5.14]] (June 2023)
	Chinese (zh) 0/1040 · 104 Needs editing
14
	English type: Plain text - Our security improvements to [[Thunderbird\|doc/anonymous_internet/thunderbird]]
	Chinese (zh) 0/830 · 83 Needs editing
15
	English type: Plain text - The random seed feature, introduced in [[Tails 6.4\|version_6.4]] (June 2024)
	Chinese (zh) 0/780 · 78 Needs editing
16
	English type: Plain text The auditors found 4 issues in:
	Chinese (zh) 0/310 · 31 Needs editing
17
	English type: Plain text - The automatic upgrade mechanism
	Chinese (zh) 0/330 · 33 Needs editing
18
	English type: Plain text - Other important changes since [[Tails 5.8\|version_5.8]] (November 2023)
	Chinese (zh) 0/730 · 73 Needs editing
19
	English type: Plain text <table> <tr><th>ID</th><th>Impact</th><th>Description</th><th>Issue</th><th>Status</th><th>Release</th></tr> <tr><td>OTF-001</td><td>High</td><td>Local privilege escalation in <i>Tails Upgrader</i></td><td>[[!tails_ticket 20701]]</td><td>Fixed</td><td>6.11</td></tr> <tr><td>OTF-002</td><td>High</td><td>Arbitrary code execution in Python scripts</td><td>[[!tails_ticket 20702]]</td><td>Fixed</td><td>6.11</td></tr> <tr><td> </td><td></td><td></td><td>[[!tails_ticket 20744]]</td><td>Fixed</td><td>6.12</td></tr> <tr><td>OTF-003</td><td>Moderate</td><td>Argument injection in privileged GNOME scripts</td><td>[[!tails_ticket 20709]]</td><td>Fixed</td><td>6.11</td></tr> <tr><td> </td><td></td><td></td><td>[[!tails_ticket 20710]]</td><td>Fixed</td><td>6.11</td></tr> <tr><td>OTF-004</td><td>Low</td><td>Untrusted search path in Tor Browser launcher</td><td>[[!tails_ticket 20733]]</td><td>Fixed</td><td>6.12</td></tr> </table>
	Chinese (zh) 0/9390 · 939 Needs editing
20
	English type: Title # Postmortem
	Chinese (zh) 0/100 · 10 Needs editing