Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 16 May 2018 17:22:32 +1000
From: Brian May <>
Subject: Re: PGP/MIME and S/MIME mail clients vulnerabilities

Leo Gaspard <> writes:

> Just to add in about Thunderbird with Enigmail after 2.0.0:
> So it looks like data encrypted with CAST5 (and possibly 3DES?) may be
> at risk even with Enigmail 2.0.0, with what I guess is latest GnuPG
> (don't know whether it is with 1.4, 2.2 or both, though), likely due to
> a GnuPG bug.


"We should also be very careful to note that none of this discussion
thread applies to the MIME concatenation vulnerability, which is a
problem in Thunderbird and other mail clients, and which cannot be
solved by gnupg."
Brian May <>

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ