[Enigmail] Re: [ANN] Security Alert - Upgrade Recommended
patrick at mozilla-enigmail.org
Mon Sep 12 09:50:44 EDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Here we go again -- this time without the patch. I hope the mailing list
now doesn't modify the message anymore. The patch is available as
clearsigned text from:
Patrick Brunschwig wrote:
> The following security issue has been detected by Hadmut Danisch:
> If an OpenPGP key contains an empty User ID, then the Key Selection
> Dialog in Enigmail used for selecting the keys to encrypt messages will
> always pre-select the key with the empty User ID, even if the mail
> should not be encrypted for such a key.
> I have released Enigmail v0.92.1 in response to this bug. Upgrades are
> available for Windows, Linux, and Mac OS X from:
> We recommend to upgrade to Enigmail v0.92.1 as soon as possible.
> The patch for fixing this bug is attached to this message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Enigmail