./mail/thunderbird-enigmail, GnuPG support for mail/thunderbird

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.0.12nb1, Package name: thunderbird-enigmail-2.0.12nb1, Maintainer: pkgsrc-users

Enigmail is a security extension to Mozilla Thunderbird and Seamonkey.
It integrates the renowned OpenPGP standard provided by GnuPG.

Sending and receiving encrypted and digitally signed email gets just
simple using Enigmail.


Required to run:
[security/gnupg2] [mail/thunderbird] [security/pinentry-gtk2] [lang/python27]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: e4964b059621c392fa36430b52e31656b6bae92a
RMD160: b0627517b6ad16e1dacd7a56e3b48fcd62cb3652
Filesize: 2553.31 KB

Version history: (Expand)


CVS history: (Expand)


   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) | Package updated
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2019-07-21 00:52:49 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
thunderbird-enigmail: update to 2.0.12.

Notable Changes

This release sets the default keyserver to keys.openpgp.org in
order to mitigate the SKS Keyserver Network Attack.
   2019-05-27 16:50:13 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
thunderbird-enigmail: update to 2.0.11.

This release addresses a security issue with inline-PGP messages
that allows an attacker to have Enigmail display a correctly signed
or encrypted message info, but display a different unauthenticated
text.
   2019-04-26 15:14:25 by Maya Rashish | Files touched by this commit (473)
Log message:
Omit mentions of python 34 and 35, after those were removed.

- Includes some whitespace changes, to be handled in a separate commit.
   2019-04-01 13:38:40 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
thunderbird-enigmail: update to 2.0.10.

Enigmail 2.0.10

Released 2019-03-24, works with Thunderbird 60.0.

Notable Changes

This is a maintenance and stability release.
   2019-02-13 22:59:31 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
thunderbird-enigmail: update to 2.0.9.

Enigmail 2.0.9

Released 2018-10-09, works with Thunderbird 60.0.

Notable Changes

This release addresses a security issue and solves a few regression bugs.

Bugs fixed:

    Check the full list of fixed defects.

Enigmail 2.0.8

Released 2018-08-04, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release addresses a security issue and solves a few regression bugs.

Bugs fixed:

    A security issue has been fixed that allows an attacker to prepare a plain, \ 
unauthenticated HTML message in a way that it looks like it's signed and/or \ 
encrypted.
    Check the full list of fixed defects.

Enigmail 2.0.7

Released 2018-06-13, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release addresses several critical security bugs.

Bugs fixed:

    Spoofing of Email signatures I (CVE-2018-12020): GnuPG 2.2.8 fixed a \ 
security bug that allows remote attackers to spoof arbitrary email signatures \ 
via the embedded "--filename" parameter in OpenPGP literal data \ 
packets. This release of Enigmail prevents the exploit for all versions of \ 
GnuPG, i.e. also if GnuPG is not updated.
    Spoofing of Email signatures II (CVE-2018-12019): The signature verification \ 
routine in Enigmail interpreted User IDs as status/control messages and did not \ 
correctly keep track of the status of multiple signatures. This allowed remote \ 
attackers to spoof arbitrary email signatures via public keys containing crafted \ 
primary user ids.
    Mozilla crash bug 1423895: if Enigmail is installed on Thunderbird 60b7 \ 
together with the Add-Ons "CardBook", "QuickFolders" (and \ 
possibly other Add-Ons), then Thunderbird will crash as soon as an \ 
Enigmail-specific window is opened. This version implements a workaround for the \ 
Mozilla bug.

Enigmail 2.0.6

Released 2018-05-27, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release addresses a vulnerability that would allow an attacker to make a \ 
victim respond to a partially encrypted message and thus reveal protected \ 
information.

Bugs fixed:

Check the full list of fixed defects.

Enigmail 2.0.5

Released 2018-05-21, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release implements a fix that prevents any form of the Efail vulnerability \ 
and similar attacks. We recommend to upgrade to this version as soon as \ 
possible.

Bugs fixed:

Check the full list of fixed defects.

Enigmail 2.0.4

Released 2018-05-16, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release implements two workarounds to prevent from Efail vulnerabilities. \ 
We recommend to upgrade to this version as soon as possible.

Bugs fixed:

Check the full list of fixed defects.

Enigmail 2.0.3

Released 2018-05-08, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release addresses several defects, including a crash when accessing \ 
encrypted forwarded messages.

Bugs fixed:

Check the full list of fixed defects.

Enigmail 2.0.2

Released 2018-04-12, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release addresses some regressions found in version 2.0/2.0.1.

Bugs fixed:

Check the full list of fixed defects.

Enigmail 2.0.1

Released 2018-04-02, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

This release addresses several defects found in version 2.0.

Bugs fixed:

    S/MIME signing/encryption not working correctly, if Enigmail is not enabled \ 
for an account
    Emails fail to decrypt if the sender address contains brackets
    Autocrypt-headers may flip manually created per-recipient rules
    The key manager does not load if no key on the keyring

Check the full list of fixed defects.

Enigmail 2.0

Released 2018-03-25, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.

Notable Changes

    The Encryption and Signing buttons now work for both OpenPGP and S/MIME. \ 
Enigmail will chose between S/MIME or OpenPGP depending on whether the keys for \ 
all recipients are available for the respective standard.
    Support for Pretty Easy Privacy (p≡p) is implemented in Enigmail. p≡p is \ 
active by default for new users.
    Support for the Autocrypt standard, which is now enabled by default. If \ 
Enigmail is used in the "classical mode" (with p≡p disabled) then \ 
Autocrypt is enabled by default.
    Support for Web Key Directory (WKD) is implemented. Enigmail will try to \ 
download unavailable keys during message composition from WKD. If you use GnuPG \ 
2.2.x, and your provider supports the Web Key Service protocol, you can also use \ 
Enigmail to upload your key to WKD.
    The message subject can now be encrypted and replaced with a dummy subject, \ 
following the Memory Hole standard for protected Email Headers.
    The keys on the keyring are automatically refreshed from keyservers at an \ 
irregular interval.
    Enigmail was turned into a "restartless" addon. That is, once you \ 
installed Enigmail 2.0, subsequent updates will be installed without needing to \ 
restart Thunderbird.
    Keys are internally addressed using the fingerprint instead of the key ID.
    The minimum GnuPG version supported is now 2.0.16.
    Cygwin-versions of GnuPG are no longer supported.

Bugs fixed

Many bugs were fixed. Check the list of fixed defects.
   2018-08-22 11:48:07 by Thomas Klausner | Files touched by this commit (3558)
Log message:
Recursive bump for perl5-5.28.0
   2018-07-03 07:03:44 by Adam Ciarcinski | Files touched by this commit (495)
Log message:
extend PYTHON_VERSIONS_ for Python 3.7