Tails 7.7.2: Emergency update for anonymizing Linux patches Firefox leaks
The anonymizing Linux Tails closes Firefox and the "Copy Fail" security vulnerabilities in the Tor Browser in version 7.7.2, among others.
(Image: heise medien)
The maintainers of the Linux distribution Tails, intended for anonymous internet browsing, have released version 7.7.1 and shortly after publication of this articel version 7.7.2. This is an emergency update that closes security vulnerabilities.
In the release announcement for Tails 7.7.1, the developers explain that they have updated the central Tor Browser to version 15.0.11. This closes several vulnerabilities that the underlying Firefox 140.10.1 addresses. These include vulnerabilities classified as critical security risks affecting memory safety. Mozilla developers are holding back on details but assess the risk as “critical,” while the US IT security authority CISA comes to a CVSS score of 7.3, meaning a risk level of “high” (CVE-2026-7322). The Tails developers emphasize that they are not aware of any practical misuse of the vulnerabilities yet.
The mail client Thunderbird is included in version 140.10.0 – however, the software is still vulnerable to memory safety issues. The Mozilla Foundation has since released Thunderbird 140.10.1 and supplemented the CVE vulnerability description.
On Monday the release of Tails 7.7.2 brought the new Linux kernel version 6.12.85 which adds corrections to fix the already attacked „Copy Fail“ linux vulnerability.
ISO image on USB stick
Tails provides its images for transfer to USB sticks, including for the current version. This is the most common way to use Tails. The project also continues to distribute ISO images with which Tails can be started from DVD or in a virtual machine. Until now, the ISO images also worked excellently on USB sticks, albeit with limitations, for example, regarding automatic upgrades or persistent storage. To avoid confusion for those using USB sticks, the Tails developers have reduced the ISO images by a few MBytes and removed support for them; the images no longer start from USB.
Videos by heise
Tails 7.7 was released about two weeks ago and introduced a new warning about expiring or expired Secure Boot certificates.
Added the Tails 7.7.2 version that was released on Monday shortly after publishing this article.
(dmk)
