openSUSE-SU-2019:1612-1

Опубликовано: 24 июн. 2019

Источник: suse-cvrf

Описание

Security update for enigmail

This update for enigmail fixes the following issues:

enigmail was updated to 2.0.11:

CVE-2019-12269: Specially crafted inline PGP messages could spoof a 'correctly signed' message (boo#1135855)

enigmail was updated to 2.0.10:

various bug fixes for configuring and handling encrypted e-mail
UI fixes for dialogs, messages, and dark Thunderbird themes

Список пакетов

SUSE Package Hub 12

enigmail-2.0.11-31.1

openSUSE Leap 15.0

enigmail-2.0.11-31.1

openSUSE Leap 15.1

enigmail-2.0.11-31.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CI6BIXCQAKIHNU6GDO2SRVP2OU74DT7Q/#CI6BIXCQAKIHNU6GDO2SRVP2OU74DT7Q
E-Mail link for openSUSE-SU-2019:1612-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1135855
SUSE Bug 1135855
https://www.suse.com/security/cve/CVE-2019-12269/
SUSE CVE CVE-2019-12269 page

Описание

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.

Затронутые продукты

SUSE Package Hub 12:enigmail-2.0.11-31.1

openSUSE Leap 15.0:enigmail-2.0.11-31.1

openSUSE Leap 15.1:enigmail-2.0.11-31.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-12269.html
CVE-2019-12269
https://bugzilla.suse.com/1135855
SUSE Bug 1135855

openSUSE-SU-2019:1612-1

Описание

Список пакетов

SUSE Package Hub 12

openSUSE Leap 15.0

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2019-12269

Описание

Затронутые продукты

Ссылки