Hello community, here is the log from the commit of package enigmail for openSUSE:Factory checked in at 2018-05-22 17:02:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/enigmail (Old) and /work/SRC/openSUSE:Factory/.enigmail.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "enigmail" Tue May 22 17:02:10 2018 rev:25 rq:611144 version:2.0.5 Changes: -------- --- /work/SRC/openSUSE:Factory/enigmail/enigmail.changes 2018-05-17 18:05:10.380419137 +0200 +++ /work/SRC/openSUSE:Factory/.enigmail.new/enigmail.changes 2018-05-22 17:02:13.595647951 +0200 @@ -1,0 +2,9 @@ +Tue May 22 06:01:27 UTC 2018 - astieger@suse.com + +- enigmail 2.0.5: + * Improvements on previous fixes on CVE-2017-17688, bsc#1093151 + and CVE-2017-17689, bsc#1093152 (EFAIL): + - do not decrypt MIME parts unnecessarily + - improve Error Message for Missing MDC + +------------------------------------------------------------------- Old: ---- enigmail-2.0.4.tar.gz enigmail-2.0.4.tar.gz.asc New: ---- enigmail-2.0.5.tar.gz enigmail-2.0.5.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ enigmail.spec ++++++ --- /var/tmp/diff_new_pack.S4gclz/_old 2018-05-22 17:02:14.587611851 +0200 +++ /var/tmp/diff_new_pack.S4gclz/_new 2018-05-22 17:02:14.587611851 +0200 @@ -18,7 +18,7 @@ Name: enigmail -Version: 2.0.4 +Version: 2.0.5 Release: 0 Summary: OpenPGP addon for Thunderbird and SeaMonkey License: MPL-2.0 ++++++ enigmail-2.0.4.tar.gz -> enigmail-2.0.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/Makefile new/enigmail/Makefile --- old/enigmail/Makefile 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/Makefile 2018-05-21 17:21:59.000000000 +0200 @@ -3,7 +3,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. XPI_MODULE = enigmail -XPI_MODULE_VERS = 2.0.4 +XPI_MODULE_VERS = 2.0.5 DEPTH = . diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/configure new/enigmail/configure --- old/enigmail/configure 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/configure 2018-05-21 17:21:59.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for enigmail 2.0.4. +# Generated by GNU Autoconf 2.69 for enigmail 2.0.5. # # Report bugs to https://www.enigmail.net. # @@ -579,8 +579,8 @@ # Identity of this package. PACKAGE_NAME='enigmail' PACKAGE_TARNAME='enigmail' -PACKAGE_VERSION='2.0.4' -PACKAGE_STRING='enigmail 2.0.4' +PACKAGE_VERSION='2.0.5' +PACKAGE_STRING='enigmail 2.0.5' PACKAGE_BUGREPORT='https://www.enigmail.net' PACKAGE_URL='' @@ -1195,7 +1195,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures enigmail 2.0.4 to adapt to many kinds of systems. +\`configure' configures enigmail 2.0.5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1261,7 +1261,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of enigmail 2.0.4:";; + short | recursive ) echo "Configuration of enigmail 2.0.5:";; esac cat <<\_ACEOF @@ -1343,7 +1343,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -enigmail configure 2.0.4 +enigmail configure 2.0.5 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1360,7 +1360,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by enigmail $as_me 2.0.4, which was +It was created by enigmail $as_me 2.0.5, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/configure.ac new/enigmail/configure.ac --- old/enigmail/configure.ac 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/configure.ac 2018-05-21 17:21:59.000000000 +0200 @@ -2,7 +2,7 @@ AC_PREREQ(2.61) min_automake_version="1.10" -AC_INIT([enigmail],[2.0.4], [https://www.enigmail.net]) +AC_INIT([enigmail],[2.0.5], [https://www.enigmail.net]) AC_PATH_PROG(PYTHON, "python2") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/ca/enigmail.properties new/enigmail/lang/ca/enigmail.properties --- old/enigmail/lang/ca/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/ca/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Error - ha fallat el desxifratge badPhrase=Error - contrasenya incorrecta failedDecryptVerify=Error - ha fallat el desxifratge/verificació +mdcError=Error - el missatge no tenia protecció d'integritat viewInfo=; Visualitza > Informació de seguretat del missatge per als detalls decryptedMsg=Missatge desxifrat diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/cs/enigmail.properties new/enigmail/lang/cs/enigmail.properties --- old/enigmail/lang/cs/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/cs/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Chyba - dešifrování selhalo badPhrase=Chyba - špatné heslo failedDecryptVerify=Chyba - dešifrování/ověření selhalo +mdcError=Chyba - zpráva nebyla chráněna proti porušení její integrity viewInfo=; Zobrazit > Bezpečnostní informace zprávy pro podrobnosti decryptedMsg=Dešifrovaná zpráva diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/de/enigmail.properties new/enigmail/lang/de/enigmail.properties --- old/enigmail/lang/de/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/de/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Fehler – Entschlüsselung fehlgeschlagen badPhrase=Fehler – falsche Passphrase failedDecryptVerify=Fehler – Entschlüsselung/Überprüfung fehlgeschlagen +mdcError=Fehler - Nachricht enthält keinen Integritätsschutz (MDC) viewInfo=; Ansicht > Nachrichtensicherheitsinformation für Details decryptedMsg=Entschlüsselte Nachricht diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/el/enigmail.properties new/enigmail/lang/el/enigmail.properties --- old/enigmail/lang/el/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/el/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Σφάλμα - η αποκρυπτογράφηση απέτυχε badPhrase=Σφάλμα - κακή δράση κωδικού failedDecryptVerify=Σφάλμα - η αποκρυπτογράφηση/επαλήθευση απέτυχε +mdcError=Σφάλμα - δεν προστατεύτηκε η ακεραιότητα του μηύματος viewInfo=· Προβολή > Πληροφορίες ασφαλείας μηνύματος decryptedMsg=Αποκρυπτογραφημένο μήνυμα diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/es-ES/enigmail.properties new/enigmail/lang/es-ES/enigmail.properties --- old/enigmail/lang/es-ES/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/es-ES/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Error - Fallo al descifrar badPhrase=Error - Contraseña incorrecta failedDecryptVerify=Error - Fallo al descifrar/verificar +mdcError=Error - la intgridad del mensaje no está protegida viewInfo=; Ver > Información de seguridad del mensaje, para los detalles decryptedMsg=Mensaje descifrado diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/fi/enigmail.properties new/enigmail/lang/fi/enigmail.properties --- old/enigmail/lang/fi/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/fi/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Virhe - salauksen purkaminen epäonnistui badPhrase=Virhe - väärä salasana failedDecryptVerify=Virhe - salauksen purkaminen tai viestin varmistus epäonnistui +mdcError=Virhe - viestin eheyttä ei oltu suojattu viewInfo=. Näytä > Viestin turvallisuustiedot lukeaksesi lisätietoja decryptedMsg=Viesti, jonka salaus on purettu diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/fr/enigmail.properties new/enigmail/lang/fr/enigmail.properties --- old/enigmail/lang/fr/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/fr/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -280,6 +280,7 @@ needKey=Erreur — aucune clé privée n’a été trouvée pour déchiffrer le message failedDecrypt=Erreur — échec de déchiffrement badPhrase=Erreur — phrase de passe erronée +mdcError=Erreur - l'intégrité du message n'était pas protégée failedDecryptVerify=Erreur — échec du déchiffrement ou de la vérification viewInfo= ; pour plus de détails, Affichage > Infos de sécurité Enigmail diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/gl/enigmail.properties new/enigmail/lang/gl/enigmail.properties --- old/enigmail/lang/gl/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/gl/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Erro - fallou o descifrado badPhrase=Erro - mala frase secreta failedDecryptVerify=Erro - fallou o descifrado/verificación +mdcError=Erro - a mensaxe non tiña protección de integridade viewInfo=; Ver > Información de seguridade da mensaxe para ver os detalles decryptedMsg=Mensaxe descifrada diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/hu/enigmail.properties new/enigmail/lang/hu/enigmail.properties --- old/enigmail/lang/hu/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/hu/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Hiba – Visszafejtés sikertelen badPhrase=Hiba – Rossz jelmondat failedDecryptVerify=Hiba – A visszafejtés és az ellenőrzés sikertelen +mdcError=Hiba – Az üzenetet nem látták el integritásvédelemmel viewInfo=; további részletek: „Nézet → Üzenet biztonsági adatai” decryptedMsg=Visszafejtett üzenet diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/it/enigmail.properties new/enigmail/lang/it/enigmail.properties --- old/enigmail/lang/it/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/it/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Errore - decifratura non riuscita badPhrase=Errore - frase segreta non valida failedDecryptVerify=Errore - decifratura/verifica non riuscita +mdcError=Errore - l'integrità del messaggio non era protetta viewInfo=; Visualizza > Informazioni di sicurezza messaggio per i dettagli decryptedMsg=Messaggio decifrato diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/ja/enigmail.properties new/enigmail/lang/ja/enigmail.properties --- old/enigmail/lang/ja/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/ja/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=エラー - 復号に失敗しました badPhrase=エラー - 無効なパスフレーズです failedDecryptVerify=エラー - 復号/検証に失敗しました +mdcError=エラー - メッセージの完全性は保護されていません viewInfo=; 詳細は「メッセージのセキュリティ情報」を確認してください decryptedMsg=復号されたメッセージ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/nb-NO/enigmail.properties new/enigmail/lang/nb-NO/enigmail.properties --- old/enigmail/lang/nb-NO/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/nb-NO/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Feil - Dekryptering feilet badPhrase=Feil - Feil passfrase failedDecryptVerify=Feil - Dekryptering / Verifisering feilet +mdcError=Feil - meldinga var ikke integritetsbeskyttet viewInfo=; Vis -> Meldings sikkerhetsinfo for detaljer decryptedMsg=Dekryptert melding diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/pl/enigmail.properties new/enigmail/lang/pl/enigmail.properties --- old/enigmail/lang/pl/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/pl/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Błąd – nie powiodło się odszyfrowanie badPhrase=Błąd – nieprawidłowy szyfr failedDecryptVerify=Błąd – nie powiodło się odszyfrowanie/weryfikacja +mdcError=Błąd – wiadomość nie była zabezpieczona przed manipulacją viewInfo=; Widok » Informacje o zabezpieczeniach wiadomości, aby zobaczyć szczegóły decryptedMsg=Odszyfrowana wiadomość diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/pt-BR/enigmail.properties new/enigmail/lang/pt-BR/enigmail.properties --- old/enigmail/lang/pt-BR/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/pt-BR/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Erro - descriptografia falhou badPhrase=Erro - senha incorreta failedDecryptVerify=Erro - descriptografia/verificação falhou +mdcError=Erro - a mensagem não tinha a sua integridade protegida viewInfo=; Ver > Informações de Segurança da Mensagem para detalhes decryptedMsg=Mensagem descriptografada diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/pt-PT/enigmail.properties new/enigmail/lang/pt-PT/enigmail.properties --- old/enigmail/lang/pt-PT/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/pt-PT/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Erro - foi impossível decifrar badPhrase=Erro - senha incorreta failedDecryptVerify=Erro - foi impossível decifrar/verificar +mdcError=Erro - a mensagem não tinha a sua integridade protegida viewInfo=; Escolha Ver > Informação de segurança da mensagem para mais informação decryptedMsg=Mensagem decifrada diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/ru/enigmail.properties new/enigmail/lang/ru/enigmail.properties --- old/enigmail/lang/ru/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/ru/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Ошибка - ошибка расшифровки badPhrase=Ошибка - неверный пароль failedDecryptVerify=Ошибка - ошибка расшифровки или проверки действительности +mdcError=Ошибка - целостность сообщения не защищена viewInfo=; выберите \\"Вид\\" > \\"Информация о защите сообщения\\" decryptedMsg=Расшифрованное сообщение diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/sk/enigmail.properties new/enigmail/lang/sk/enigmail.properties --- old/enigmail/lang/sk/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/sk/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Chyba - dešifrovanie zlyhalo badPhrase=Chyba - zlé heslo failedDecryptVerify=Chyba - dešifrovanie/overenie zlyhalo +mdcError=Chyba - správa nemá ochranu integrity viewInfo=; Zobraziť > Bezpečnostné informácie správy pre podrobnosti decryptedMsg=Dešifrovaná správa diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/sv-SE/enigmail.properties new/enigmail/lang/sv-SE/enigmail.properties --- old/enigmail/lang/sv-SE/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/sv-SE/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Fel - dekryptering misslyckades badPhrase=Fel - dålig lösenfras failedDecryptVerify=Fel - dekryptering/verifiering misslyckades +mdcError=Fel - detta meddelande var inte integritetsskyddat viewInfo=; Visa > Meddelande säkerhetsinformation för detaljer decryptedMsg=Dekrypterat meddelande diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/tr/enigmail.properties new/enigmail/lang/tr/enigmail.properties --- old/enigmail/lang/tr/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/tr/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=Hata - deşifreleme başarısız badPhrase=Hata - kötü parola failedDecryptVerify=Hata - deşifreleme/doğrulama başarısız +mdcError=Hata - ileti bütünlük korumalı değildi viewInfo=; detaylar için Görünüm > Mesaj güvenliği bilgisi decryptedMsg=Deşifrelenmiş mesaj diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/zh-CN/enigmail.properties new/enigmail/lang/zh-CN/enigmail.properties --- old/enigmail/lang/zh-CN/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/zh-CN/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=错误 - 解密失败 badPhrase=错误 - 口令不符 failedDecryptVerify=错误 - 解密/验证失败 +mdcError=错误 - 报文未受到完整的保护 viewInfo=;选择“查看 > Enigmail 信息”查看详细信息 decryptedMsg=已解密的邮件 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/lang/zh-TW/enigmail.properties new/enigmail/lang/zh-TW/enigmail.properties --- old/enigmail/lang/zh-TW/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/lang/zh-TW/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -281,6 +281,7 @@ failedDecrypt=錯誤 - 解密失敗 badPhrase=錯誤 - 密語無效 failedDecryptVerify=錯誤 - 解密/驗證失敗 +mdcError=錯誤 - 訊息未受到完整的保護 viewInfo=,請參考檢視 > 訊息安全性資訊 decryptedMsg=解密後的訊息 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/constants.jsm new/enigmail/package/constants.jsm --- old/enigmail/package/constants.jsm 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/constants.jsm 2018-05-21 17:21:59.000000000 +0200 @@ -100,7 +100,7 @@ DECRYPTION_INCOMPLETE: 0x00008000, DECRYPTION_FAILED: 0x00010000, DECRYPTION_OKAY: 0x00020000, - UNTRUSTED_IDENTITY: 0x00040000, + MISSING_MDC: 0x00040000, TRUSTED_IDENTITY: 0x00080000, PGP_MIME_SIGNED: 0x00100000, PGP_MIME_ENCRYPTED: 0x00200000, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/errorHandling.jsm new/enigmail/package/errorHandling.jsm --- old/enigmail/package/errorHandling.jsm 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/errorHandling.jsm 2018-05-21 17:21:59.000000000 +0200 @@ -22,7 +22,7 @@ Cu.import("resource://enigmail/lazy.jsm"); /* global EnigmailLazy: false */ const getEnigmailKeyRing = EnigmailLazy.loader("enigmail/keyRing.jsm", "EnigmailKeyRing"); - +const getEnigmailGpg = EnigmailLazy.loader("enigmail/gpg.jsm", "EnigmailGpg"); const gStatusFlags = { GOODSIG: EnigmailConstants.GOOD_SIGNATURE, @@ -44,9 +44,6 @@ ERROR: EnigmailConstants.BAD_SIGNATURE | EnigmailConstants.DECRYPTION_FAILED, DECRYPTION_FAILED: EnigmailConstants.DECRYPTION_FAILED, DECRYPTION_OKAY: EnigmailConstants.DECRYPTION_OKAY, - TRUST_UNDEFINED: EnigmailConstants.UNTRUSTED_IDENTITY, - TRUST_NEVER: EnigmailConstants.UNTRUSTED_IDENTITY, - TRUST_MARGINAL: EnigmailConstants.UNTRUSTED_IDENTITY, TRUST_FULLY: EnigmailConstants.TRUSTED_IDENTITY, TRUST_ULTIMATE: EnigmailConstants.TRUSTED_IDENTITY, CARDCTRL: EnigmailConstants.CARDCTRL, @@ -56,7 +53,8 @@ END_ENCRYPTION: EnigmailConstants.END_ENCRYPTION, INV_SGNR: 0x100000000, IMPORT_OK: 0x200000000, - FAILURE: 0x400000000 + FAILURE: 0x400000000, + DECRYPTION_INFO: 0x800000000 }; // taken from libgpg-error: gpg-error.h @@ -298,6 +296,24 @@ } } +function decryptionInfo(c) { + // Recognize "DECRYPTION_INFO 0 1 2" + if (c.statusLine.search(/DECRYPTION_INFO /) >= 0) { + let lineSplit = c.statusLine.split(/ +/); + + let mdcMethod = lineSplit[1]; + let aeadAlgo = lineSplit.length > 3 ? lineSplit[3] : "0"; + + if (mdcMethod === "0" && aeadAlgo === "0") { + c.statusFlags |= EnigmailConstants.MISSING_MDC; + c.statusFlags |= EnigmailConstants.DECRYPTION_FAILED; // be sure to fail + c.flag = EnigmailConstants.MISSING_MDC; + EnigmailLog.DEBUG("errorHandling.jsm: missing MDC!\n"); + c.retStatusObj.statusMsg += EnigmailLocale.getString("missingMdcError") + "\n"; + } + } +} + function decryptionFailed(c) { c.inDecryptionFailed = true; } @@ -325,6 +341,7 @@ result[gStatusFlags.INV_SGNR] = invalidSignature; result[gStatusFlags.IMPORT_OK] = importOk; result[gStatusFlags.FAILURE] = failureMessage; + result[gStatusFlags.DECRYPTION_INFO] = decryptionInfo; return result; } @@ -396,11 +413,13 @@ } else { // non-status line (details of previous status command) - if (errLine == "gpg: WARNING: message was not integrity protected") { - // workaround for Gpg < 2.0.8 that don't fail on missing MDC for old - // algorithms like CAST5 - c.statusFlags |= EnigmailConstants.DECRYPTION_FAILED; - c.inDecryptionFailed = true; + if (!getEnigmailGpg().getGpgFeature("decryption-info")) { + if (errLine == "gpg: WARNING: message was not integrity protected") { + // workaround for Gpg < 2.0.8 that don't fail on missing MDC for old + // algorithms like CAST5 + c.statusFlags |= EnigmailConstants.DECRYPTION_FAILED; + c.inDecryptionFailed = true; + } } c.errArray.push(errLine); // save details of DECRYPTION_FAILED message ass error message diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/gpg.jsm new/enigmail/package/gpg.jsm --- old/enigmail/package/gpg.jsm 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/gpg.jsm 2018-05-21 17:21:59.000000000 +0200 @@ -134,6 +134,7 @@ supports-sender - does gnupg understand the --sender argument (true for gpg >= 2.1.15) supports-wkd - does gpg support wkd (web key directory) (true for gpg >= 2.1.19) export-result - does gpg print EXPORTED when exporting keys (true for gpg >= 2.1.10) + decryption-info - does gpg print DECRYPTION_INFO (true for gpg >= 2.0.19) @return: depending on featureName - Boolean unless specified differently: (true if feature is available / false otherwise) @@ -180,6 +181,8 @@ return EnigmailVersioning.greaterThanOrEqual(gpgVersion, "2.1.15"); case "export-result": return EnigmailVersioning.greaterThanOrEqual(gpgVersion, "2.1.10"); + case "decryption-info": + return EnigmailVersioning.greaterThanOrEqual(gpgVersion, "2.0.19"); case "supports-wkd": return EnigmailVersioning.greaterThanOrEqual(gpgVersion, "2.1.19"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/install.rdf new/enigmail/package/install.rdf --- old/enigmail/package/install.rdf 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/install.rdf 2018-05-21 17:21:59.000000000 +0200 @@ -5,10 +5,10 @@ <Description about="urn:mozilla:install-manifest"> em:id{847b3a00-7ab1-11d4-8f02-006008948af5} - em:version2.0.4 + em:version2.0.5 em:type2 <!-- type = extension --> em:bootstraptrue - + <!-- Target Applications this extension can install into, with minimum and maximum supported versions. --> em:targetApplication diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/mime.jsm new/enigmail/package/mime.jsm --- old/enigmail/package/mime.jsm 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/mime.jsm 2018-05-21 17:21:59.000000000 +0200 @@ -360,6 +360,38 @@ }, /** + * Try to determine if the message structure is a known MIME structure, + * based on the MIME part number and the uriSpec. + * + * @param mimePartNumber: String - the MIME part we are requested to decrypt + * @param uriSpec: String - the URI spec of the message (or msg part) loaded by TB + * + * @return Boolean: true: regular message structure, MIME part is safe to be decrypted + * false: otherwise + */ + isRegularMimeStructure: function(mimePartNumber, uriSpec) { + if (mimePartNumber.length === 0) return true; + if (mimePartNumber.search(/^1(\.1)*$/) === 0) return true; + + if (!uriSpec) return true; + + // is the message a subpart of a complete attachment? + let msgPart = this.getMimePartNumber(uriSpec); + if (msgPart.length > 0) { + // load attached messages + if (mimePartNumber.indexOf(msgPart) === 0 && + mimePartNumber.substr(msgPart.length).search(/^(\.1)+$/) === 0) return true; + + // load attachments of attached messages + if (msgPart.indexOf(mimePartNumber) === 0 && + uriSpec.search(/[\?&]filename=/) > 0) return true; + } + + return false; + }, + + + /** * Parse a MIME message and return a tree structur of TreeObject * * @param url: String - the URL to load and parse diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/mimeDecrypt.jsm new/enigmail/package/mimeDecrypt.jsm --- old/enigmail/package/mimeDecrypt.jsm 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/mimeDecrypt.jsm 2018-05-21 17:21:59.000000000 +0200 @@ -380,6 +380,13 @@ } } + let spec = this.uri ? this.uri.spec : null; + EnigmailLog.DEBUG(`mimeDecrypt.jsm: checking MIME structure for ${this.mimePartNumber} / ${spec}\n`); + if (!EnigmailMime.isRegularMimeStructure(this.mimePartNumber, spec)) { + this.returnData(""); + return; + } + if (!this.isReloadingLastMessage()) { if (this.xferEncoding == ENCODING_BASE64) { this.outQueue = EnigmailData.decodeBase64(this.outQueue) + "\n"; @@ -560,20 +567,15 @@ } catch (ex) {} - if (this.mimePartNumber !== "1") { - this.addWrapperToDecryptedResult(); - } - else { - let i = this.decryptedData.search(/\n\r?\n/); - if (i > 0) { - var hdr = this.decryptedData.substr(0, i).split(/\r?\n/); - for (let j = 0; j < hdr.length; j++) { - if (hdr[j].search(/^\s*content-type:\s+text\/(plain|html)/i) >= 0) { - LOCAL_DEBUG("mimeDecrypt.jsm: done: adding multipart/mixed around " + hdr[j] + "\n"); - - this.addWrapperToDecryptedResult(); - break; - } + let i = this.decryptedData.search(/\n\r?\n/); + if (i > 0) { + var hdr = this.decryptedData.substr(0, i).split(/\r?\n/); + for (let j = 0; j < hdr.length; j++) { + if (hdr[j].search(/^\s*content-type:\s+text\/(plain|html)/i) >= 0) { + LOCAL_DEBUG("mimeDecrypt.jsm: done: adding multipart/mixed around " + hdr[j] + "\n"); + + this.addWrapperToDecryptedResult(); + break; } } } @@ -584,20 +586,9 @@ addWrapperToDecryptedResult: function() { let wrapper = EnigmailMime.createBoundary(); - let head = 'Content-Type: multipart/mixed; boundary="' + wrapper + '"\r\n' + + this.decryptedData = 'Content-Type: multipart/mixed; boundary="' + wrapper + '"\r\n' + 'Content-Disposition: inline\r\n\r\n' + - '--' + wrapper + '\r\n'; - - if (this.mimePartNumber !== "1") { - // Efail protection layer - head += 'Content-Type: text/html\r\n\r\n' + - '<!-- > <pre style="visibility:visible; display: block; font: fixed; font-size: 10px;"> --> ' + - '<!-- \'> <pre style="visibility:visible; display: block; font: fixed; font-size: 10px;"> --> ' + - '<!-- "> <pre style="visibility:visible; display: block; font: fixed; font-size: 10px;"> -->\r\n\r\n' + - '--' + wrapper + '\r\n'; - } - - this.decryptedData = head + + '--' + wrapper + '\r\n' + this.decryptedData + '\r\n' + '--' + wrapper + '--\r\n'; }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/package/pEpDecrypt.jsm new/enigmail/package/pEpDecrypt.jsm --- old/enigmail/package/pEpDecrypt.jsm 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/package/pEpDecrypt.jsm 2018-05-21 17:21:59.000000000 +0200 @@ -219,7 +219,9 @@ onStopRequest: function() { // make the string a complete MIME message - if (this.ignoreMessage) { + let spec = this.uri ? this.uri.spec : null; + + if (!EnigmailMime.isRegularMimeStructure(this.mimePartNumber, spec) || this.ignoreMessage) { this.mimeSvc.onStopRequest(null, null, 0); return; } @@ -324,15 +326,6 @@ 'Content-Disposition: inline\r\n\r\n' + '--' + wrapper + '\r\n'; - if (this.mimePartNumber !== "1") { - // Efail protection layer - head += 'Content-Type: text/html\r\n\r\n' + - '<!-- > <pre style="visibility:visible; display: block; font: fixed; font-size: 10px;"> --> ' + - '<!-- \'> <pre style="visibility:visible; display: block; font: fixed; font-size: 10px;"> --> ' + - '<!-- "> <pre style="visibility:visible; display: block; font: fixed; font-size: 10px;"> -->\r\n\r\n' + - '--' + wrapper + '\r\n'; - } - this.decryptedData = head + this.decryptedData + '\r\n' + '--' + wrapper + '--\r\n'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/ui/content/enigmailMsgComposeOverlay.js new/enigmail/ui/content/enigmailMsgComposeOverlay.js --- old/enigmail/ui/content/enigmailMsgComposeOverlay.js 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/ui/content/enigmailMsgComposeOverlay.js 2018-05-21 17:21:59.000000000 +0200 @@ -523,7 +523,6 @@ } else { if (EnigmailURIs.isEncryptedUri(msgUri)) self.setOriginalSubject(msgHdr.subject, false); - self.checkMimeStructure(mimeMsg); } }); } @@ -543,30 +542,6 @@ return properties; }, - checkMimeStructure: function(mimeMsg) { - EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.checkMimeStructure\n"); - - if (mimeMsg.fullContentType.search(/^multipart\/encrypted.*protocol="?application\/pgp-encrypted?"/i) === 0) return; - - function getEncryptedSubPart(mimeMsg) { - if (mimeMsg.fullContentType.search(/^multipart\/encrypted.*protocol="?application\/pgp-encrypted?"/i) === 0) return true; - if (mimeMsg.fullContentType.search(/^message\/rfc822/i) === 0) return false; - - for (let i in mimeMsg.subParts) { - if (getEncryptedSubPart(mimeMsg.subParts[i])) return true; - } - - return false; - } - - for (let i in mimeMsg.subParts) { - if (getEncryptedSubPart(mimeMsg.subParts[i])) { - this.displayPartialEncryptedWarning("mime"); - return; - } - } - }, - setDraftOptions: function(mimeMsg) { EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.setDraftOptions\n"); @@ -4918,7 +4893,6 @@ decryptQuote: function(interactive) { EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.decryptQuote: " + interactive + "\n"); - const CT = Components.interfaces.nsIMsgCompType; if (gWindowLocked || this.processed) return; @@ -5137,32 +5111,7 @@ this.editorInsertText(tail); if (statusFlagsObj.value & EnigmailConstants.DECRYPTION_OKAY) { - let hLines = (head.search(/[^\s>]/) < 0 ? 0 : 1); - - if (hLines > 0) { - switch (gMsgCompose.type) { - case CT.Reply: - case CT.ReplyAll: - case CT.ReplyToSender: - case CT.ReplyToGroup: - case CT.ReplyToSenderAndGroup: - case CT.ReplyToList: - { - // if head contains at most 1 line of text, we assume it's the - // header above the quote (e.g. XYZ wrote:) - - let h = head.split(/\r?\n/); - hLines = -1; - - for (let i = 0; i < h.length; i++) { - if (h[i].search(/[^\s>]/) >= 0) hLines++; - } - } - } - } - if (hLines > 0 || tail.search(/[^\s>]/) >= 0) { - this.displayPartialEncryptedWarning("inline"); - } + this.checkInlinePgpReply(head, tail); } if (clipBoard.supportsSelectionClipboard()) { @@ -5234,6 +5183,47 @@ this.updateStatusBar(); }, + checkInlinePgpReply: function(head, tail) { + const CT = Components.interfaces.nsIMsgCompType; + if (!this.identity) return; + + let hLines = (head.search(/[^\s>]/) < 0 ? 0 : 1); + + if (hLines > 0) { + switch (gMsgCompose.type) { + case CT.Reply: + case CT.ReplyAll: + case CT.ReplyToSender: + case CT.ReplyToGroup: + case CT.ReplyToSenderAndGroup: + case CT.ReplyToList: + { + // if head contains at only a few line of text, we assume it's the + // header above the quote (e.g. XYZ wrote:) and the user's signature + + let h = head.split(/\r?\n/); + hLines = -1; + + for (let i = 0; i < h.length; i++) { + if (h[i].search(/[^\s>]/) >= 0) hLines++; + } + } + } + } + + if (hLines > 0 && (!this.identity.sigOnReply || this.identity.sigBottom)) { + // display warning if no signature on top of message + this.displayPartialEncryptedWarning(); + } + else if (hLines > 10) { + this.displayPartialEncryptedWarning(); + } + else if (tail.search(/[^\s>]/) >= 0 && !(this.identity.sigOnReply && this.identity.sigBottom)) { + // display warning if no signature below message + this.displayPartialEncryptedWarning(); + } + }, + editorInsertText: function(plainText) { EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.editorInsertText\n"); if (this.editor) { @@ -5310,17 +5300,11 @@ /** * Display a warning message if we are replying to or forwarding - * a partially decrypted email - * - * @param msgType: String - "mime" for PGP/MIME messages, "inline" for inline-PGP + * a partially decrypted inline-PGP email */ - displayPartialEncryptedWarning: function(msgType) { + displayPartialEncryptedWarning: function() { let msgLong = EnigmailLocale.getString("msgCompose.partiallyEncrypted.inlinePGP"); - if (msgType === "mime") { - msgLong = EnigmailLocale.getString("msgCompose.partiallyEncrypted.mimeMsg"); - } - this.notifyUser(1, EnigmailLocale.getString("msgCompose.partiallyEncrypted.short"), "notifyPartialDecrypt", msgLong); }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/ui/content/enigmailMsgHdrViewOverlay.js new/enigmail/ui/content/enigmailMsgHdrViewOverlay.js --- old/enigmail/ui/content/enigmailMsgHdrViewOverlay.js 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/ui/content/enigmailMsgHdrViewOverlay.js 2018-05-21 17:21:59.000000000 +0200 @@ -322,7 +322,11 @@ statusLine = statusInfo + EnigmailLocale.getString("clickDecryptRetry"); } else if (statusFlags & EnigmailConstants.DECRYPTION_FAILED) { - if (statusFlags & EnigmailConstants.MISSING_PASSPHRASE) { + if (statusFlags & EnigmailConstants.MISSING_MDC) { + statusInfo = EnigmailLocale.getString("mdcError"); + statusLine = statusInfo; + } + else if (statusFlags & EnigmailConstants.MISSING_PASSPHRASE) { statusInfo = EnigmailLocale.getString("missingPassphrase"); statusLine = statusInfo + EnigmailLocale.getString("clickDecryptRetry"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/enigmail/ui/locale/en-US/enigmail.properties new/enigmail/ui/locale/en-US/enigmail.properties --- old/enigmail/ui/locale/en-US/enigmail.properties 2018-05-16 15:08:12.000000000 +0200 +++ new/enigmail/ui/locale/en-US/enigmail.properties 2018-05-21 17:21:59.000000000 +0200 @@ -280,6 +280,7 @@ needKey=Error - no matching secret key found to decrypt message failedDecrypt=Error - decryption failed badPhrase=Error - bad passphrase +mdcError=Error - message was not integrity protected failedDecryptVerify=Error - decryption/verification failed viewInfo=; View > Message security info for details