Lucene search

K
suseSuseOPENSUSE-SU-2018:1708-1
HistoryJun 15, 2018 - 9:12 p.m.

Security update for enigmail (moderate)

2018-06-1521:12:53
lists.opensuse.org
52

0.008 Low

EPSS

Percentile

79.7%

This update for enigmail fixes vulnerabilities that allowed spoofing of
e-mail signatures:

  • CVE-2018-12019: signature spoofing via specially crafted OpenPGP user
    IDs (boo#1097525)
  • CVE-2018-12020: signature spoofing via diagnostic output of the original
    file name in GnuPG verbose mode (boo#1096745) This mitigation prevents
    CVE-2018-12020 from being exploited even if GnuPG is not patched.

0.008 Low

EPSS

Percentile

79.7%

Related for OPENSUSE-SU-2018:1708-1