Source: enigmail Source-Version: 2:2.0.11+ds1-1 On Wed, May 22, 2019 at 02:25:42PM +0200, Salvatore Bonaccorso wrote: > Source: enigmail > Version: 2:2.0.10+ds1-1 > Severity: important > Tags: security upstream > Forwarded: https://sourceforge.net/p/enigmail/bugs/983/ > > Hi, > > The following vulnerability was published for enigmail. > > CVE-2019-12269[0]: > | Enigmail before 2.0.11 allows PGP signature spoofing: for an inline > | PGP message, an attacker can cause the product to display a "correctly > | signed" message indication, but display different unauthenticated > | text.
This issue was adressed 2.0.11 upstream, closing manually. Regards, Salvatore
