Описание
Security update for enigmail
This update for enigmail to version 2.0.11 fixes the following issues:
Security issue fixed:
- CVE-2019-12269: Fixed an issue where a specially crafted inline PGP messages could spoof a 'correctly signed' message (bsc#1135855).
Список пакетов
SUSE Linux Enterprise Workstation Extension 15
enigmail-2.0.11-3.16.1
SUSE Linux Enterprise Workstation Extension 15 SP1
enigmail-2.0.11-3.16.1
Ссылки
- Link for SUSE-SU-2019:1576-1
- E-Mail link for SUSE-SU-2019:1576-1
- SUSE Security Ratings
- SUSE Bug 1135855
- SUSE CVE CVE-2019-12269 page
Описание
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:enigmail-2.0.11-3.16.1
SUSE Linux Enterprise Workstation Extension 15:enigmail-2.0.11-3.16.1
Ссылки
- CVE-2019-12269
- SUSE Bug 1135855