Information on source package enigmail

Available versions

ReleaseVersion
jessie (security)2:1.9.9-1~deb8u1
stretch2:2.0.8-5~deb9u1
stretch (security)2:1.9.9-1~deb9u1
buster2:2.0.8-5
sid2:2.0.9+ds1-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-12020vulnerablefixedfixedfixedmainproc.c in GnuPG before 2.2.8 mishandles the original filename ...
CVE-2018-12019vulnerablefixedfixedfixedThe signature verification routine in Enigmail before 2.0.7 interprets ...
CVE-2017-17688vulnerablevulnerable (no DSA, ignored)vulnerablevulnerable** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...

Resolved issues

BugDescription
CVE-2017-17848An issue was discovered in Enigmail before 1.9.9. In a variant of ...
CVE-2017-17847An issue was discovered in Enigmail before 1.9.9. Signature spoofing is ...
CVE-2017-17846An issue was discovered in Enigmail before 1.9.9. Regular expressions ...
CVE-2017-17845An issue was discovered in Enigmail before 1.9.9. Improper Random ...
CVE-2017-17844An issue was discovered in Enigmail before 1.9.9. A remote attacker can ...
CVE-2017-17843An issue was discovered in Enigmail before 1.9.9 that allows remote ...
CVE-2014-5369Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ...
CVE-2007-1264Enigmail 0.94.2 and earlier does not properly use the --status-fd ...
CVE-2006-5877The enigmail extension before 0.94.2 does not properly handle large, ...
CVE-2005-3256The key selection dialogue in Enigmail before 0.92.1 can incorrectly ...

Security announcements

DSA / DLADescription
DLA-1219-1enigmail - security update
DSA-4070-1enigmail - security update
DSA-4070-1enigmail - security update
DLA-1086-1enigmail - security update
DSA-3921-1enigmail - update
DSA-3921-1enigmail - update
DLA-523-1enigmail - security update
DSA-889-1enigmail - programming error

Search for package or bug name: Reporting problems