Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 30: 2020-83a9e4c25b Important: Firefox Add-on Security Update

fedora
Calendar Grey November 20, 2019
Dist Fedora Esm H88
Crucial patch release for Thunderbird Enigmail on Fedora 29 addresses critical weaknesses while boosting interoperability.
Security fix for CVE-2019-14664, CVE-2019-12269 and compatibility with Thunderbird 68

Summary

Enigmail is an extension to the mail client Mozilla Thunderbird

which allows users to access the authentication and encryption

features provided by GnuPG

Security fix for CVE-2019-14664, CVE-2019-12269 and compatibility with

Thunderbird 68

* Tue Nov 12 2019 Felix Schwarz - 2.1.3-4

- do not build package on armv7hl/s390x (thunderbird not available there)

* Mon Nov 11 2019 Felix Schwarz - 2.1.3-3

- enable GPG-based source file verification

- package license file

* Sat Nov 9 2019 Kai Hambrecht - 2.1.3-2

- adjust SPEC file rhbz#1752435

* Fri Nov 8 2019 Kai Hambrecht - 2.1.3-1

- update version to support TB 68

[ 1 ] Bug #1660478 - thunderbird-enigmail: HTTP authentication dialog may be triggered [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1660478

[ 2 ] Bug #1752435 - enigmail version 2.1 needs to be packaged to work with thunderbird 68

https://bugzilla.redhat.com/show_bug.cgi?id=1752435

[ 3 ] Bug #1749211 - CVE-2019-14664 thunderbird-enigmail: information leak in response to encrypted mail [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1749211

[ 4 ] Bug #1712723 - CVE-2019-12269 thunderbird-enigmail: signature spoofing in inline PGP message [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1712723

su -c 'dnf upgrade --advisory FEDORA-2019-941d57ed72' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory fedora critical authentication issue thunderbird enigmail encryption extension

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 29
Version: 2.1.3
Release: 4.fc29
URL: https://enigmail.net/index.php/en/
Summary: Authentication and encryption extension for Mozilla Thunderbird

Topics%20covered

Topics Covered

security advisory fedora critical authentication issue thunderbird enigmail encryption extension

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here