Update Info


Security update for enigmail

Type: security
Severity: important
Issued: 2017-12-22
This update for enigmail to version 1.9.9 fixes the following issues (boo#1073858):

* Enigmail could be coerced to use a malicious PGP public key with a corresponding secret key controlled by an attacker
* Enigmail could have replayed encrypted content in partially encrypted e-mails, allowing a plaintext leak
* Enigmail could be tricked into displaying incorrect signature  verification results
* Specially crafted content may cause denial of service



  • enigmail-1.9.9-6.1