Information on source package enigmail

Available versions

ReleaseVersion
buster2:2.2.4-0.2~deb10u1
buster (security)2:2.1.3+ds1-4~deb10u2
bullseye2:2.2.4-0.3
sid2:2.2.4-0.3

Resolved issues

BugDescription
CVE-2019-14664In Enigmail below 2.1, an attacker in possession of PGP encrypted emai ...
CVE-2019-12269Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PG ...
CVE-2018-15586Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed ...
CVE-2018-12020mainproc.c in GnuPG before 2.2.8 mishandles the original filename duri ...
CVE-2018-12019The signature verification routine in Enigmail before 2.0.7 interprets ...
CVE-2017-17848An issue was discovered in Enigmail before 1.9.9. In a variant of CVE- ...
CVE-2017-17847An issue was discovered in Enigmail before 1.9.9. Signature spoofing i ...
CVE-2017-17846An issue was discovered in Enigmail before 1.9.9. Regular expressions ...
CVE-2017-17845An issue was discovered in Enigmail before 1.9.9. Improper Random Secr ...
CVE-2017-17844An issue was discovered in Enigmail before 1.9.9. A remote attacker ca ...
CVE-2017-17843An issue was discovered in Enigmail before 1.9.9 that allows remote at ...
CVE-2017-17688The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleabi ...
CVE-2014-5369Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ...
CVE-2007-1264Enigmail 0.94.2 and earlier does not properly use the --status-fd argu ...
CVE-2006-5877The enigmail extension before 0.94.2 does not properly handle large, e ...
CVE-2005-3256The key selection dialogue in Enigmail before 0.92.1 can incorrectly s ...

Security announcements

DSA / DLADescription
DLA-1219-1enigmail - security update
DSA-4070-1enigmail - security update
DLA-1086-1enigmail - security update
DSA-3921-1enigmail - update
DLA-523-1enigmail - security update
DSA-889-1enigmail - programming error

Search for package or bug name: Reporting problems