openSUSE alert openSUSE-SU-2018:1454-1 (enigmail)
| From: | opensuse-security@opensuse.org | |
| To: | opensuse-updates@opensuse.org | |
| Subject: | openSUSE-SU-2018:1454-1: moderate: Security update for enigmail | |
| Date: | Mon, 28 May 2018 21:10:07 +0200 (CEST) | |
| Message-ID: | <20180528191007.072E2FD2B@maintenance.suse.de> |
openSUSE Security Update: Security update for enigmail ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:1454-1 Rating: moderate References: #1094781 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for enigmail to version 2.0.6 fixes the following issues: Security issues fixed: - Replies to a partially encrypted message may have revealed protected information: no longer display PGP/MIME message part followed by unencrypted data (boo#1094781) - Signature could be spoofed via Inline-PGP in HTML Mails The following bugs were fixed: - Filter actions could forget selected mail folder names Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-535=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-535=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): enigmail-2.0.6-18.1 - openSUSE Leap 15.0 (x86_64): enigmail-2.0.6-lp150.2.9.1 References: https://bugzilla.suse.com/1094781