Upgrade from 2.16.0 to 2.16.1
Changes in SecureDrop 2.16.1
SecureDrop 2.16.1 addresses an issue in which Onion Service client authentication credentials may have been inadvertently copied to the Monitor Server.
This issue only affects SecureDrop instances that have journalist alerts
disabled and have run the securedrop-admin install command since
December 2025.
To see if your server was affected, and if so, how to remediate the issue, please refer to the announcement for the 2.16.1 release.
Update Workstations to SecureDrop 2.16.1
Important
We recommend backing up your workstations prior to any upgrades. See our backup instructions for more information.
Update Automatically
On the next boot of your SecureDrop Journalist and Admin Workstations,
securedrop-admin will be automatically updated once
your Persistent Storage volume is unlocked and a Tor connection is
established.
Manual Update
You can manually update by running:
sudo apt update
sudo apt upgrade
This will check for updates to your installed packages,
including securedrop-admin, and install any that
are available.
You can verify the installed version number by running:
sudo apt policy securedrop-admin
and confirming that you see version ‘2.16.1’ is installed.
Getting Support
Should you require further support with your SecureDrop installation, we are happy to help!
If you are already in touch with us for support via Signal, please contact us there.
If you would like to request support, please contact us by e-mail at securedrop@freedom.press (PGP encrypted), or by using the (Get Help with SecureDrop) contact form. - The Freedom of the Press Foundation offers training and priority support services. See https://securedrop.org/priority-support/ for more information.