Navigation:
Browse pkgsrc
(this page)| 2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) |
Log message: Bump PKGREVISIONs for perl 5.30.0 |
2019-07-21 00:52:49 by Thomas Klausner | Files touched by this commit (2) |  |
Log message: thunderbird-enigmail: update to 2.0.12. Notable Changes This release sets the default keyserver to keys.openpgp.org in order to mitigate the SKS Keyserver Network Attack. |
| 2019-05-27 16:50:13 by Thomas Klausner | Files touched by this commit (2) | |
Log message: thunderbird-enigmail: update to 2.0.11. This release addresses a security issue with inline-PGP messages that allows an attacker to have Enigmail display a correctly signed or encrypted message info, but display a different unauthenticated text. |
| 2019-04-26 15:14:25 by Maya Rashish | Files touched by this commit (473) |
Log message: Omit mentions of python 34 and 35, after those were removed. - Includes some whitespace changes, to be handled in a separate commit. |
| 2019-04-01 13:38:40 by Thomas Klausner | Files touched by this commit (3) | |
Log message: thunderbird-enigmail: update to 2.0.10. Enigmail 2.0.10 Released 2019-03-24, works with Thunderbird 60.0. Notable Changes This is a maintenance and stability release. |
| 2019-02-13 22:59:31 by Thomas Klausner | Files touched by this commit (4) | |
Log message:
thunderbird-enigmail: update to 2.0.9.
Enigmail 2.0.9
Released 2018-10-09, works with Thunderbird 60.0.
Notable Changes
This release addresses a security issue and solves a few regression bugs.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.8
Released 2018-08-04, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses a security issue and solves a few regression bugs.
Bugs fixed:
A security issue has been fixed that allows an attacker to prepare a plain, \
unauthenticated HTML message in a way that it looks like it's signed and/or \
encrypted.
Check the full list of fixed defects.
Enigmail 2.0.7
Released 2018-06-13, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses several critical security bugs.
Bugs fixed:
Spoofing of Email signatures I (CVE-2018-12020): GnuPG 2.2.8 fixed a \
security bug that allows remote attackers to spoof arbitrary email signatures \
via the embedded "--filename" parameter in OpenPGP literal data \
packets. This release of Enigmail prevents the exploit for all versions of \
GnuPG, i.e. also if GnuPG is not updated.
Spoofing of Email signatures II (CVE-2018-12019): The signature verification \
routine in Enigmail interpreted User IDs as status/control messages and did not \
correctly keep track of the status of multiple signatures. This allowed remote \
attackers to spoof arbitrary email signatures via public keys containing crafted \
primary user ids.
Mozilla crash bug 1423895: if Enigmail is installed on Thunderbird 60b7 \
together with the Add-Ons "CardBook", "QuickFolders" (and \
possibly other Add-Ons), then Thunderbird will crash as soon as an \
Enigmail-specific window is opened. This version implements a workaround for the \
Mozilla bug.
Enigmail 2.0.6
Released 2018-05-27, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses a vulnerability that would allow an attacker to make a \
victim respond to a partially encrypted message and thus reveal protected \
information.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.5
Released 2018-05-21, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release implements a fix that prevents any form of the Efail vulnerability \
and similar attacks. We recommend to upgrade to this version as soon as \
possible.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.4
Released 2018-05-16, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release implements two workarounds to prevent from Efail vulnerabilities. \
We recommend to upgrade to this version as soon as possible.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.3
Released 2018-05-08, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses several defects, including a crash when accessing \
encrypted forwarded messages.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.2
Released 2018-04-12, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses some regressions found in version 2.0/2.0.1.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.1
Released 2018-04-02, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses several defects found in version 2.0.
Bugs fixed:
S/MIME signing/encryption not working correctly, if Enigmail is not enabled \
for an account
Emails fail to decrypt if the sender address contains brackets
Autocrypt-headers may flip manually created per-recipient rules
The key manager does not load if no key on the keyring
Check the full list of fixed defects.
Enigmail 2.0
Released 2018-03-25, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
The Encryption and Signing buttons now work for both OpenPGP and S/MIME. \
Enigmail will chose between S/MIME or OpenPGP depending on whether the keys for \
all recipients are available for the respective standard.
Support for Pretty Easy Privacy (p≡p) is implemented in Enigmail. p≡p is \
active by default for new users.
Support for the Autocrypt standard, which is now enabled by default. If \
Enigmail is used in the "classical mode" (with p≡p disabled) then \
Autocrypt is enabled by default.
Support for Web Key Directory (WKD) is implemented. Enigmail will try to \
download unavailable keys during message composition from WKD. If you use GnuPG \
2.2.x, and your provider supports the Web Key Service protocol, you can also use \
Enigmail to upload your key to WKD.
The message subject can now be encrypted and replaced with a dummy subject, \
following the Memory Hole standard for protected Email Headers.
The keys on the keyring are automatically refreshed from keyservers at an \
irregular interval.
Enigmail was turned into a "restartless" addon. That is, once you \
installed Enigmail 2.0, subsequent updates will be installed without needing to \
restart Thunderbird.
Keys are internally addressed using the fingerprint instead of the key ID.
The minimum GnuPG version supported is now 2.0.16.
Cygwin-versions of GnuPG are no longer supported.
Bugs fixed
Many bugs were fixed. Check the list of fixed defects.
|
| 2018-08-22 11:48:07 by Thomas Klausner | Files touched by this commit (3558) |
Log message: Recursive bump for perl5-5.28.0 |
| 2018-07-03 07:03:44 by Adam Ciarcinski | Files touched by this commit (495) |
Log message: extend PYTHON_VERSIONS_ for Python 3.7 |
| 2017-12-26 13:43:43 by Thomas Klausner | Files touched by this commit (3) | |
Log message: thunderbird-enigmail: update to 1.9.9. Security fixes. |
| 2017-11-23 21:38:24 by Thomas Klausner | Files touched by this commit (2) | |
Log message: thunderbird-enigmail: update to 1.9.8.3. bugfix release |
New packages: