Lucene search
SuseOPENSUSE-SU-2018:1330-1HistoryMay 17, 2018 - 6:07 p.m.
Security update for enigmail (moderate)
2018-05-1718:07:41
lists.opensuse.org
52
0.008 Low
EPSS
Percentile
80.1%
This update for enigmail to version 2.0.4 fixes multiple issues.
Security issues fixed:
- CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out
of encrypted emails. enigmail now fails on GnuPG integrity check
warnings for old Algorithms (bsc#1093151) - CVE-2017-17689: CBC gadget attacks allows to exfiltrate plaintext out of
encrypted emails (bsc#1093152)
This update also includes new and updated functionality:
- The Encryption and Signing buttons now work for both OpenPGP and S/MIME.
Enigmail will chose between S/MIME or OpenPGP depending on whether the
keys for all recipients are available for the respective standard - Support for the Autocrypt standard, which is now enabled by default
- Support for Pretty Easy Privacy (pΓ’ΒΒ‘p)
- Support for Web Key Directory (WKD)
- The message subject can now be encrypted and replaced with a dummy
subject, following the Memory Hole standard forprotected Email Headers - keys on keyring are automatically refreshed from keyservers at irregular
intervals - Subsequent updates of Enigmail no longer require a restart of Thunderbird
- Keys are internally addressed using the fingerprint instead of the key ID
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | i586 | enigmail | <Β 2.0.4-12.1 | enigmail-2.0.4-12.1.i586.rpm |
| openSUSE Leap | 42.3 | x86_64 | enigmail | <Β 2.0.4-12.1 | enigmail-2.0.4-12.1.x86_64.rpm |
Related
fedora
fedora
[SECURITY] Fedora 27 Update: thunderbird-enigmail-2.0.4-1.fc27
2018-05-27 19:51:43
[SECURITY] Fedora 26 Update: thunderbird-enigmail-2.0.4-1.fc26
2018-05-27 19:19:09
[SECURITY] Fedora 28 Update: thunderbird-enigmail-2.0.4-1.fc28
2018-05-24 13:59:48
seebug
seebug
OpenPGPγS/MIME information disclosure (CVE-2017-17688,CVE-2017-17689)
2018-05-16 00:00:00
nessus
nessus
openSUSE Security Update : enigmail (openSUSE-2019-395) (EFAIL)
2019-03-27 00:00:00
openSUSE Security Update : enigmail (openSUSE-2018-474) (EFAIL)
2018-05-21 00:00:00
openSUSE Security Update : enigmail (openSUSE-2019-368) (EFAIL)
2019-03-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for enigmail (openSUSE-SU-2018:1347-1)
2018-10-26 00:00:00
Fedora Update for thunderbird-enigmail FEDORA-2018-25525a9346
2018-05-28 00:00:00
openSUSE: Security Advisory for enigmail (openSUSE-SU-2018:1330-1)
2018-05-18 00:00:00
suse
suse
Security update for enigmail (moderate)
2018-05-23 21:22:04
Security update for enigmail (moderate)
2018-05-17 18:07:05
Security update for enigmail (moderate)
2018-05-19 21:07:20
cert
cert
OpenPGP and S/MIME mail client vulnerabilities
2018-05-14 00:00:00
prion
prion
Design/Logic Flaw
2018-05-16 19:29:00
Design/Logic Flaw
2018-05-16 19:29:00
Design/Logic Flaw
2018-11-12 17:29:00
cve
cve
veracode
veracode
Information Disclosure
2020-09-21 06:21:46
debiancve
debiancve
redhatcve
redhatcve
CVE-2017-17688
2020-04-04 17:18:47
CVE-2017-17689
2018-05-14 12:51:25
ubuntucve
ubuntucve
osv
osv
CVE-2018-19205
2018-11-12 17:29:00
debian
debian
[SECURITY] [DSA 4244-1] thunderbird security update
2018-07-13 19:22:30