Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
enigmail.13869
enigmail.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File enigmail.changes of Package enigmail.13869
------------------------------------------------------------------- Fri Jan 3 11:46:40 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de> - enigmail 2.1.5: * Security issue: unsigned MIME parts displayed as signed boo#1159973 * Ensure that upgrading GnuPG 2.0.x to 2.2.x upgrade converts keyring format * Make Enigmail Compatible with Protected-Headers spec, draft 2 ------------------------------------------------------------------- Sun Dec 15 11:42:00 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - enigmail 2.1.4: * Fixes for UI glitches * Option to "Attach public key to messages" was not restored properly ------------------------------------------------------------------- Sun Nov 3 09:10:05 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - enigmail 2.1.3: * fix a bug in the setup wizard that could lead the wizard to never complete scanning the inbox ------------------------------------------------------------------- Fri Sep 20 20:20:13 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - boo#1151317: SeaMonkey is no longer supported. Update description and no longer put in SeaMonkey addons path ------------------------------------------------------------------- Tue Aug 20 11:27:36 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - enigmail 2.1.2: * compatibility with Mozilla Thunderbird 68 * New simplified setup wizard * Full support for keys.openpgp.org * Default to ECC keys on GnuPG 2.1 or later * Autocrypt: implemented key-gossip and updates to known keys ------------------------------------------------------------------- Thu Jul 11 12:28:47 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - enimail 2.0.12: * set the default keyserver to keys.openpgp.org in order to mitigate the SKS Keyserver Network Attack boo#1141025 ------------------------------------------------------------------- Wed May 22 20:55:11 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - enigmail 2.0.11: * CVE-2019-12269: Specially crafted inline PGP messages could spoof a "correctly signed" message (boo#1135855) ------------------------------------------------------------------- Fri Mar 29 12:15:23 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de> - enigmail 2.0.10: * various bug fixes for configuring and handling encrypted e-mail * UI fixes for dialogs, messages, and dark Thunderbird themes ------------------------------------------------------------------- Mon Dec 10 11:03:56 UTC 2018 - astieger@suse.com - enigmail 2.0.9, fixing one security issues: * An HTTP authentication dialog maye displayed during web key discovery, allowing remote attackers to possibly trick the user into entering e-mail credentials (bsc#1118935) - other bugs fixed: * pEp - PGP/MIME signed-only messages are ignored * Autocrypt overrules manually created Per-Recipient Rules * "Re:" prefix on subject line disappears when editing encrypted, saved draft ------------------------------------------------------------------- Sun Aug 5 10:52:29 UTC 2018 - michael@stroeder.com - enigmail 2.0.8: This release addresses a security issue and solves a few regression bugs. * a security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed and/or encrypted (boo#1104036) ------------------------------------------------------------------- Wed Jun 13 19:19:16 UTC 2018 - astieger@suse.com - enigmail 2.0.7: * CVE-2018-12020: Mitigation against GnuPG signature spoofing: Email signatures could be spoofed via an embedded "--filename" parameter in OpenPGP literal data packets. This update prevents this issue from being exploited if GnuPG was not updated (boo#1096745) * CVE-2018-12019: The signature verification routine interpreted User IDs as status/control messages and did not correctly keep track of the status of multiple signatures. This allowed remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids (boo#1097525) ------------------------------------------------------------------- Fri Jun 1 08:04:05 UTC 2018 - astieger@suse.com - enigmail 2.0.6.1: * fix compatibility issue with Thunderbird 60b7 * disallow plaintext (literal packets) outside of encrpyted packets ------------------------------------------------------------------- Sun May 27 18:03:30 UTC 2018 - astieger@suse.com - enigmail 2.0.6: * Replies to a partially encrypted message may have revealed protected information - no longer display PGP/MIME message part followed by unencrypted data (bsc#1094781) * Fix signature Spoofing via Inline-PGP in HTML Mails * Fix filter actions forgetting selected mail folder names ------------------------------------------------------------------- Tue May 22 06:01:27 UTC 2018 - astieger@suse.com - enigmail 2.0.5: * Improvements on previous fixes on CVE-2017-17688, bsc#1093151 and CVE-2017-17689, bsc#1093152 (EFAIL): - do not decrypt MIME parts unnecessarily - improve Error Message for Missing MDC ------------------------------------------------------------------- Wed May 16 15:07:43 UTC 2018 - astieger@suse.com - enigmail 2.0.4: * CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrit check warnings for old Algorithms (EFAIL, bsc#1093151) * CVE-2017-17689: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (EFAIL), bsc#1093152) ------------------------------------------------------------------- Wed May 9 13:52:41 UTC 2018 - astieger@suse.com - enigmail 2.0.3 addresses the following issues (bsc#1092581): Stability and functionality: * Thunderbird may at displaying a message with an encrypted e-mail * Crash from processing double encrypted PGP/MIME message * Specific UI interaction sequence may prevent editing OpenPGP settings * Filter might not not executed at Thunderbird startup for ne message * gpg not terminated correctly when canceling "Import Key" Encryption/Decryption: * Saving encrypted draft leaks subject (even if protected headers are used) * manual PGP/MIME sig verification not working * Autocrpyt "addr" address might not match "From" header * Viewing S/MIME signed email disables PGP signature checks * S/MIME signing/encryption defaults not applied correctly E-mail subject handling: * Double "Re:" prefix on replies * "Re:" prefix on subject line disappears when editing encrypted, saved draft * Encrypted Message" subject in reply messages ------------------------------------------------------------------- Fri Apr 13 11:21:08 UTC 2018 - astieger@suse.com - enigmail 2.0.2, addressing more regressions in 2.0/2.0.1: * protected headers should not check for force-display part * Incorrectly displayed subject line in writing dialog when forwarding * Error in Preferences Dialog upon loading * Autocrypt messages were unreadable without Enigmail ------------------------------------------------------------------- Tue Apr 3 16:28:50 UTC 2018 - astieger@suse.com - enigmail 2.0.1, addressing several issues found in 2.0: * S/MIME signing/encryption not working correctly, if Enigmail is not enabled for an account * Emails fail to decrypt if the sender address contains brackets * Autocrypt-headers may flip manually created per-recipient rules * The key manager does not load if no key on the keyring ------------------------------------------------------------------- Mon Mar 26 08:22:06 UTC 2018 - astieger@suse.com - enigmail 2.0: * The Encryption and Signing buttons now work for both OpenPGP and S/MIME. Enigmail will chose between S/MIME or OpenPGP depending on whether the keys for all recipients are available for the respective standard. * Support for the Autocrypt standard, which is now enabled by default. * Support for Pretty Easy Privacy (p≡p) is implemented in Enigmail. * Support for Web Key Directory (WKD) is implemented. Enigmail will try to download unavailable keys during message composition from WKD. GnuPG 2.2.x is used the provider supports the Web Key Service protocol, users can also use Enigmail to upload keys to WKD. * The message subject can now be encrypted and replaced with a dummy subject, following the Memory Hole standard for protected Email Headers. * The keys on the keyring are automatically refreshed from keyservers at an irregular interval. * Enigmail was turned into a "restartless" addon. That is, once Enigmail is installed, subsequent updates will be installed without needing to restart Thunderbird. * Keys are internally addressed using the fingerprint instead of the key ID. - Use %license (boo#1082318) ------------------------------------------------------------------- Wed Dec 20 14:13:36 UTC 2017 - thardeck@suse.com - enigmail 1.9.9, fixing multiple vulnerabilities (boo#1073858): * Enigmail could be coerced to use a malicious PGP public key with a corresponding secret key controlled by an attacker * Enigmail could have replayed encrypted content in partially encrypted e-mails, allowing a plaintext leak * Enigmail could be tricked into displaying incorrect signature verification results * Specially crafted content may cause denial of service ------------------------------------------------------------------- Wed Oct 4 14:57:28 UTC 2017 - astieger@suse.com - enigmail 1.9.8.3: * move calling of subprocess library to the end ------------------------------------------------------------------- Tue Aug 22 10:46:32 UTC 2017 - astieger@suse.com - enigmail 1.9.8.2: * fixed wrong translation that break keygen dialog * make getting time format more robust * Add support for new type of broken exchange messages ------------------------------------------------------------------- Sun Jul 9 14:43:40 UTC 2017 - astieger@suse.com - enigmail 1.9.8.1: * handle EINTR cases of child process terminations ------------------------------------------------------------------- Wed Jul 5 06:29:32 UTC 2017 - astieger@suse.com - enigmail 1.9.8: * fix blocking in the mail sending process (boo#1047252) ------------------------------------------------------------------- Mon May 15 16:47:41 UTC 2017 - wr@rosenauer.org - enigmail 1.9.7: * This version fixes a compatibility bug on Thunderbird 52 that makes keyserver up/downloads unusable ------------------------------------------------------------------- Mon Nov 21 12:52:48 UTC 2016 - astieger@suse.com - enigmail 1.9.6.1: * fix locating of GnuPG executable (openSUSE not affected) ------------------------------------------------------------------- Sun Nov 13 12:02:26 UTC 2016 - astieger@suse.com - enigmail 1.9.6: * Better detection is decrypted message is displayed * New variant of PGP/MIME messages broken by MS-Exchange * Make key importing more robust ------------------------------------------------------------------- Mon Sep 5 14:30:21 UTC 2016 - astieger@suse.com - enigmail 1.9.5: * fix failure during GnuPG installation * Include AppData * Forwarding an encrypted message results in empty body * Fix parsing ofr last '=' in quoted-printable encoded encrypted/signed parts * fix regression in key selection for Per-Recipient-Rules - license is MPL-2.0, include license text ------------------------------------------------------------------- Wed Jul 13 13:14:13 UTC 2016 - astieger@suse.com - enigmail 1.9.4: * Improved compatibility with Send Later add-on * Various bugs fixed ------------------------------------------------------------------- Wed Jun 8 21:12:19 UTC 2016 - astieger@suse.com - enigmail 1.9.3: * Fix Decrypt loop with S/MIME self-signed mails * Fix Manage UIDs throws errors if called from key properties dialog * Fix No error message if configured key not found on keyring * Fix Enigmail munges display of messages with S/MIME signature * Allow importing of expired keys ------------------------------------------------------------------- Tue May 3 08:08:26 UTC 2016 - astieger@suse.com - enigmail 1.9.2: * Add support for Zimbra OpenPGP encrypted messages * Fix decrypt loop with S/MIME signed mails * Fix silently failing import of revocation certificate * Fix E-Mail saved as draft and reopened will show empty message * Fix multipart/signed mail without micalg parameter blank body * Fix display of changed key expiration date ------------------------------------------------------------------- Thu Apr 7 18:21:06 UTC 2016 - astieger@suse.com - enigmail 1.9.1: * fix recignition of MS Exchange messages * fix slow PGP/MIME signature verification with attachments * fix freeze with large mail with signature * fix backup/restore UI * fix UI issues with German umlauts ------------------------------------------------------------------- Mon Feb 29 15:12:52 UTC 2016 - astieger@suse.com - enigmail 1.9: * Added support for GnuPG 2.1 * Backup and restore of keys and Enigmail settings * Messages are sent using PGP/MIME by default * Several new dialog windows that improve usability * Added support for protected headers (off by default) * There is no binary component anymore - this version runs on all platforms for which Thunderbird and GnuPG are available. * gpg2 2.0.7 or newer required * no longer run tests, a utility is not available ------------------------------------------------------------------- Tue May 5 10:06:12 UTC 2015 - astieger@suse.com - enigmail 1.8.2, fixing the following bugs: * Punycode domain handling incorrect * Mail is not automatically encrypted anymore. Enigmail does not warn about unencrypted mail * Decrypted message, but "Error - decryption failed" or "Error - no matching private/secret key found to decrypt message" * Sign Button indicates wrong status on recipient rules * Decryption filter merges Received headers incorrectly * Questionmarks "???" in Enigmail menu and encrypting message only with senders key * Enigmail key management fails always fails to connect to keyservers when searching for keys * TB account hangs when filter for storing decrypted emails is applied to IMAP account * Deleting multiple keys in key manager fails * INV_RECP error message confuses new users ------------------------------------------------------------------- Thu Mar 26 10:38:58 UTC 2015 - astieger@suse.com - enigmail 1.8.1: * Improved user interface for message composition * Simplified setup wizard * Possibility to permanently decrypt messages via filter rules * Improved support for PGP/MIME messages from GPGTools sent from MS Exchange Server * Many bugs fixed * last major version to support GnuPG 1.4.x - packaging changes: * update upstream signing key * run unit tests during build * remove gpg-offline * run spec-cleaner * add upstream sourc URLs ------------------------------------------------------------------- Fri Aug 29 12:04:27 UTC 2014 - wr@rosenauer.org - update to version 1.7.2 (bmo#893330) * bugfix release which contains several bugfixes including mail with only Bcc recipients sent in plain text (CVE-2014-5369) ------------------------------------------------------------------- Sun Jul 20 12:31:49 UTC 2014 - wr@rosenauer.org - standalone enigmail 1.7 package previously built as part of MozillaThunderbird (since version 1.7 it's not required to build against Thunderbird sources anymore and compatibility to Thunderbird and SeaMonkey at the same time should be given)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor