openSUSE Security Update: Security update for enigmail ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:1454-1 Rating: moderate References: #1094781 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for enigmail to version 2.0.6 fixes the following issues: Security issues fixed: - Replies to a partially encrypted message may have revealed protected information: no longer display PGP/MIME message part followed by unencrypted data (boo#1094781) - Signature could be spoofed via Inline-PGP in HTML Mails The following bugs were fixed: - Filter actions could forget selected mail folder names Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-535=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-535=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): enigmail-2.0.6-18.1 - openSUSE Leap 15.0 (x86_64): enigmail-2.0.6-lp150.2.9.1 References: https://bugzilla.suse.com/1094781