SUSE-SU-2019:1576-1 Security update for enigmail

This update for enigmail to version 2.0.11 fixes the following issues: Security issue fixed: - CVE-2019-12269: Fixed an issue where a specially crafted inline PGP messages could spoof a 'correctly signed' message bsc1135855...

SUSE-SU-2018:4215-1 Security update for enigmail

This update for enigmail to version 2.0.9 fixes the following issues: Security issue fixed: - When using Web Key Discovery, a HTTP authentication may be triggered. This may trick users into possibly sending e-mail credentials bsc1118935. Non-security issues fixed: - pEp - PGP/MIME signed-only...

CVE-2014-5369

Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2007-1264

Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...