Last update: March 17, 2019. This website uses cookies. By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. More information


Bug Reports

Non-Critical Bugs[edit]

Users who find bugs are encouraged to report them to the Whonix ™ issue tracker. To assist developers, please refer to the Reporting Guidelines when describing the problem. In most cases it is helpful to report:

  • Whonix ™ version and platform.
  • Affected component(s) or functionality.
  • Steps to reproduce the behavior.
  • Expected behavior.
  • Actual behavior - including detailed console output.
  • Relevant Documentation that was consulted.
  • Any related, non-duplicate issues (bugs).

Once notified issues are reproduced and confirmed, developers discuss the problem in order to find a suitable solution or workaround. All Whonix ™ source code fixes and related matters are implemented as quickly as possible and the finding is posted for the public benefit.

Security Vulnerabilities[edit]

Users are kindly asked to privately report security bugs and describe the problem in detail - see the recommended Reporting Guidelines for guidance. Lead Whonix ™ developer Patrick Schleizer should be contacted via OpenPGP encrypted mail before the information is published in public forums; see Contacting Whonix ™ developers / Feedback / Questions. In this way, vulnerabilities can be patched without endangering the Whonix ™ user population and the notifier can be credited with the finding(s) after the change reaches the stable repository (or next Whonix ™ release).

Whonix ™ Package Upgrade Policy[edit]

Prior to Whonix ™ 14, tickets that were resolved on the Whonix ™ issue tracker were not automatically pushed to the stable (or even developer) version of Whonix ™. This meant stable package upgrades were rare -- unless critical security security vulnerabilities were discovered -- thereby entirely avoiding the risk of destabilizing the Whonix ™ platform and necessitating manual user fixes. Fixes noted on the issue tracker generally only became available to all users after the next stable version release.

Whonix ™ 14 and later releases have transitioned to a rolling distribution, meaning far more frequent updates will filter through to the stable, stable-proposed-updates, testers and developers repositories. Advanced users who do not wish to wait for package updates can of course manually apply fixes to the relevant package(s) before that time. [1]

Phabricator issue tracker labels can be interpreted as follows:

  • Reviewed: "Completed in the latest source code version of Whonix" (but not released). Further testing is required in the next Whonix ™ developers-only or testers-only release.
  • Resolved: "Completed in the development version of Whonix".
  • There is no specific label to indicate status in the stable Whonix ™ release.


  1. For example, the Whonix ™ AppArmor profiles package is a prime candidate for manual fixes, as it frequently breaks Tor Browser functionality when later browser versions are released.

No user support in comments. See Support.

Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.

Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.

Random News:

Join us in testing our new AppArmor profiles for improved security! (forum discussion)

https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.