Register | Log in

enigmail

GPG support for Thunderbird and Debian Icedove

Choose email to subscribe with

general

source: enigmail (main)
version: 2:2.1.5+ds1-1
maintainer: Debian Mozilla Extension Maintainers (archive) (DMD)
uploaders: Alexander Sack [DMD] – Daniel Kahn Gillmor [DMD] – Willi Mann [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2:1.9.9-1~deb8u1
o-o-sec: 2:1.9.9-1~deb8u1
oldstable: 2:2.0.8-5~deb9u1
old-sec: 2:1.9.9-1~deb9u1
stable: 2:2.1.3+ds1-4~deb10u2
stable-sec: 2:2.1.3+ds1-4~deb10u2
testing: 2:2.1.5+ds1-1
unstable: 2:2.1.5+ds1-1

versioned links

2:1.9.9-1~deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:1.9.9-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:2.0.8-5~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:2.1.3+ds1-4~deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:2.1.5+ds1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

enigmail (42 bugs: 1, 29, 12, 0)

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:02:54
Last run: 2020-02-21 01:32:55 UTC
Previous status: pass

testing: pass (log)
The tests ran in 0:02:46
Last run: 2020-02-14 08:22:22 UTC
Previous status: pass

stable: fail (log)
The tests ran in 0:00:48
Last run: 2020-01-01 20:32:42 UTC
Previous status: fail

Created: 2019-09-01 Last update: 2020-02-23 17:04

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-14664: In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks.

Please fix it.

Created: 2019-08-06 Last update: 2020-02-08 18:32

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-14664: In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks.

Please fix it.

Created: 2019-08-06 Last update: 2020-02-08 18:32

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-14664: In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks.

Please fix it.

Created: 2019-05-22 Last update: 2020-02-08 18:32

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2019-14664: In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks.
CVE-2019-12269: Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.

Please fix them.

Created: 2019-05-22 Last update: 2020-02-08 18:32

news

[2020-02-05] enigmail 2:2.1.5+ds1-1 MIGRATED to testing (Debian testing watch)
[2020-01-22] Accepted enigmail 2:2.1.5+ds1-1 (source) into unstable (Daniel Kahn Gillmor)
[2020-01-01] Accepted enigmail 2:2.1.3+ds1-4~deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Daniel Kahn Gillmor)
[2019-11-24] Accepted enigmail 2:2.1.3+ds1-4~deb10u2 (source) into stable->embargoed, stable (Daniel Kahn Gillmor)
[2019-11-09] Accepted enigmail 2:2.1.3+ds1-4 (source) into unstable (Daniel Kahn Gillmor)
[2019-11-09] Accepted enigmail 2:2.1.3+ds1-3+exp2 (source) into experimental (Daniel Kahn Gillmor)
[2019-11-09] Accepted enigmail 2:2.1.3+ds1-3+exp1 (source) into experimental (Daniel Kahn Gillmor)
[2019-11-09] Accepted enigmail 2:2.1.3+ds1-3 (source) into unstable (Daniel Kahn Gillmor)
[2019-11-08] Accepted enigmail 2:2.1.3+ds1-2 (source) into unstable (Daniel Kahn Gillmor)
[2019-11-06] Accepted enigmail 2:2.1.3+ds1-1 (source) into unstable (Daniel Kahn Gillmor)
[2019-08-22] Accepted enigmail 2:2.0.12+ds1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Daniel Kahn Gillmor)
[2019-07-14] enigmail 2:2.0.12+ds1-1 MIGRATED to testing (Debian testing watch)
[2019-07-12] Accepted enigmail 2:2.0.12+ds1-1 (source) into unstable (Daniel Kahn Gillmor)
[2019-07-09] enigmail 2:2.0.11+ds1-2 MIGRATED to testing (Debian testing watch)
[2019-05-30] Accepted enigmail 2:2.0.11+ds1-2 (source) into unstable (Daniel Kahn Gillmor)
[2019-05-24] Accepted enigmail 2:2.0.11+ds1-1 (source) into unstable (Daniel Kahn Gillmor)
[2019-04-18] enigmail 2:2.0.10+ds1-1 MIGRATED to testing (Debian testing watch)
[2019-04-16] Accepted enigmail 2:2.0.10+ds1-1 (source) into unstable (Daniel Kahn Gillmor)
[2018-12-19] enigmail 2:2.0.9+ds1-2 MIGRATED to testing (Debian testing watch)
[2018-12-16] Accepted enigmail 2:2.0.9+ds1-2 (source) into unstable (Daniel Kahn Gillmor)
[2018-12-16] enigmail 2:2.0.9+ds1-1 MIGRATED to testing (Debian testing watch)
[2018-12-13] Accepted enigmail 2:2.0.9+ds1-1 (source) into unstable (Daniel Kahn Gillmor)
[2018-11-03] Accepted enigmail 2:2.0.8-5~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Daniel Kahn Gillmor)
[2018-10-08] enigmail 2:2.0.8-5 MIGRATED to testing (Debian testing watch)
[2018-10-05] Accepted enigmail 2:2.0.8-5 (source) into unstable (Daniel Kahn Gillmor)
[2018-10-05] enigmail 2:2.0.8-4 MIGRATED to testing (Debian testing watch)
[2018-10-02] Accepted enigmail 2:2.0.8-4 (source) into unstable (Daniel Kahn Gillmor)
[2018-10-02] Accepted enigmail 2:2.0.8-3 (source) into unstable (Daniel Kahn Gillmor)
[2018-09-30] Accepted enigmail 2:2.0.8-2 (source) into unstable (Daniel Kahn Gillmor)
[2018-09-19] enigmail 2:2.0.8-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 40 42
RC: 1
I&N: 28 29
M&W: 11 12
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:2.1.5+ds1-1
13 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing