| Release | Version |
|---|---|
| jessie | 2:1.9.9-1~deb8u1 |
| buster | 2:2.2.4-0.2~deb10u1 |
| buster (lts) | 2:2.1.3+ds1-4~deb10u2 |
| bullseye | 2:2.2.4-0.3 |
| Bug | jessie | buster | bullseye | Description |
|---|---|---|---|---|
| CVE-2019-14664 | vulnerable | fixed | fixed | In Enigmail below 2.1, an attacker in possession of PGP encrypted emai ... |
| CVE-2019-12269 | vulnerable | fixed | fixed | Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PG ... |
| CVE-2018-15586 | vulnerable | fixed | fixed | Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed ... |
| CVE-2018-12020 | vulnerable | fixed | fixed | mainproc.c in GnuPG before 2.2.8 mishandles the original filename duri ... |
| CVE-2018-12019 | vulnerable | fixed | fixed | The signature verification routine in Enigmail before 2.0.7 interprets ... |
| CVE-2017-17688 | vulnerable | fixed | fixed | The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleabi ... |
| Bug | Description |
|---|---|
| CVE-2017-17848 | An issue was discovered in Enigmail before 1.9.9. In a variant of CVE- ... |
| CVE-2017-17847 | An issue was discovered in Enigmail before 1.9.9. Signature spoofing i ... |
| CVE-2017-17846 | An issue was discovered in Enigmail before 1.9.9. Regular expressions ... |
| CVE-2017-17845 | An issue was discovered in Enigmail before 1.9.9. Improper Random Secr ... |
| CVE-2017-17844 | An issue was discovered in Enigmail before 1.9.9. A remote attacker ca ... |
| CVE-2017-17843 | An issue was discovered in Enigmail before 1.9.9 that allows remote at ... |
| CVE-2014-5369 | Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ... |
| CVE-2007-1264 | Enigmail 0.94.2 and earlier does not properly use the --status-fd argu ... |
| CVE-2006-5877 | The enigmail extension before 0.94.2 does not properly handle large, e ... |
| CVE-2005-3256 | The key selection dialogue in Enigmail before 0.92.1 can incorrectly s ... |
| DSA / DLA | Description |
|---|---|
| DLA-1219-1 | enigmail - security update |
| DSA-4070-1 | enigmail - security update |
| DLA-1086-1 | enigmail - security update |
| DSA-3921-1 | enigmail - update |
| DLA-523-1 | enigmail - security update |
| DSA-889-1 | enigmail - programming error |