Dear Tails developers, The current version of Electrum in Tails (2.7) has an attack vector via open RPC with password-less wallets.
Because Tails has encrypted persistence, many users are likely to use Electrum on Tails without password protection. For more information, see here: https://github.com/spesmilo/electrum-docs/blob/master/cve.rst Fix: update the Electrum version to the current tarball on the download page (3.0.6). Best regards and respect for your continued efforts, Amir _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
