Overview

File _patchinfo of Package patchinfo.9653

<patchinfo incident="9653">
  <issue tracker="bnc" id="1118935">VUL-0: enigmail: HTTP authentication dialog may be triggered (cross-site authentication)</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for enigmail to version 2.0.9 fixes the following issues:

Security issue fixed:

- When using Web Key Discovery, a HTTP authentication may be triggered.
  This may trick users into possibly sending e-mail credentials (bsc#1118935).

Non-security issues fixed:

- pEp - PGP/MIME signed-only messages are ignored
- Autocrypt overrules manually created Per-Recipient Rules
- "Re:" prefix on subject line disappears when editing encrypted, saved draft
</description>
  <summary>Security update for enigmail</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places