Information on source package enigmail

Available versions

ReleaseVersion
jessie (security)2:1.9.9-1~deb8u1
stretch2:2.0.8-5~deb9u1
stretch (security)2:1.9.9-1~deb9u1
buster2:2.0.10+ds1-1
sid2:2.0.11+ds1-1

Open issues

BugjessiestretchbustersidDescription
CVE-2019-12269vulnerablevulnerablevulnerablefixedEnigmail before 2.0.11 allows PGP signature spoofing: for an inline PG ...
CVE-2018-15586vulnerablefixedfixedfixedEnigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed ...
CVE-2018-12020vulnerablefixedfixedfixedmainproc.c in GnuPG before 2.2.8 mishandles the original filename duri ...
CVE-2018-12019vulnerablefixedfixedfixedThe signature verification routine in Enigmail before 2.0.7 interprets ...
CVE-2017-17688vulnerablefixedfixedfixed** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...

Resolved issues

BugDescription
CVE-2017-17848An issue was discovered in Enigmail before 1.9.9. In a variant of CVE- ...
CVE-2017-17847An issue was discovered in Enigmail before 1.9.9. Signature spoofing i ...
CVE-2017-17846An issue was discovered in Enigmail before 1.9.9. Regular expressions ...
CVE-2017-17845An issue was discovered in Enigmail before 1.9.9. Improper Random Secr ...
CVE-2017-17844An issue was discovered in Enigmail before 1.9.9. A remote attacker ca ...
CVE-2017-17843An issue was discovered in Enigmail before 1.9.9 that allows remote at ...
CVE-2014-5369Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ...
CVE-2007-1264Enigmail 0.94.2 and earlier does not properly use the --status-fd argu ...
CVE-2006-5877The enigmail extension before 0.94.2 does not properly handle large, e ...
CVE-2005-3256The key selection dialogue in Enigmail before 0.92.1 can incorrectly s ...

Security announcements

DSA / DLADescription
DLA-1219-1enigmail - security update
DSA-4070-1enigmail - security update
DSA-4070-1enigmail - security update
DLA-1086-1enigmail - security update
DSA-3921-1enigmail - update
DSA-3921-1enigmail - update
DLA-523-1enigmail - security update
DSA-889-1enigmail - programming error

Search for package or bug name: Reporting problems