I installed Whonix KVM version 16.0.9.8 a few months ago. About 2 months or so ago, it changed to 16.0.9.0. Has there been a rollback?
I verified my installation (16.0.9.8) with PGP and compared the checksums and it it’s all good. Both gateway and workstation VMs are working normally. Now I’m confused why the version went back. Possible rollback attack?
It wasn’t the version number in the virtual machine, but the image itself. On the Whonix KVM page, the download link shows the version number. That was the version that changed.
I checked with the Kicksecure website and the same thing happened there with Kicksecure KVM (changed from 16.0.9.8 to 16.0.9.0). From what I could tell, this seems to be an issue with Whonix/Kicksecure images specific to KVM.
Indeed, image download version was reverted from 16.0.9.8 to 16.0.9.0.
This happened due to a mistake. It’s related to MultiWiki. Template:Version_KVM is a MultiWiki wiki page. When editing a MultiWiki page in Whonix wiki such as for example Template:Version_KVM it shows a warning:
Please do not edit! This is a MultiWiki slave page.
Thanks for your timely response! I’m surprised this went unnoticed for so long.
To confirm, only the version number reverted but the image is OK? I installed 16.0.9.8 from a few months ago before the revert - is it fine to keep running this or is a reinstall suggested?