Overview

File _patchinfo of Package patchinfo.9280

<patchinfo incident="9280">
  <issue tracker="bnc" id="1118935">VUL-0: enigmail: HTTP authentication dialog may be triggered (cross-site authentication)</issue>
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for enigmail to version 2.0.9 fixes the following issues:

Security issues fixed:
  * An HTTP authentication dialog maybe displayed during web key
    discovery, allowing remote attackers to possibly trick the user
    into entering e-mail credentials (boo#1118935)

Non security issues fixed:

  * pEp - PGP/MIME signed-only messages are ignored
  * Autocrypt overrules manually created Per-Recipient Rules
  * "Re:" prefix on subject line disappears when editing encrypted, saved draft
</description>
  <summary>Recommended update for enigmail</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places