Re: [Tails-dev] Electrum in Tails has a serious bug

Nachricht löschen

Nachricht beantworten
Autor: drwhax
Datum:  
To: The Tails public development discussion list
CC: Amir Taaki
Betreff: Re: [Tails-dev] Electrum in Tails has a serious bug
Hi Amir,

Please see: https://labs.riseup.net/code/issues/15022

Thanks

On 2018-02-06 13:17, Amir Taaki wrote:
> Dear Tails developers,
>
> The current version of Electrum in Tails (2.7) has an attack vector via
> open RPC with password-less wallets.
>
> Because Tails has encrypted persistence, many users are likely to use
> Electrum on Tails without password protection.
>
> For more information, see here:
>
> https://github.com/spesmilo/electrum-docs/blob/master/cve.rst
>
> Fix: update the Electrum version to the current tarball on the download
> page (3.0.6).
>
> Best regards and respect for your continued efforts,
> Amir
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> Tails-dev-unsubscribe@???.