[SECURITY] [DLA 1219-1] enigmail security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : enigmail
Version : 2:1.9.9-1~deb7u1
CVE ID : CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846
CVE-2017-17847 CVE-2017-17848
Multiple vulnerabilities were discovered in Enigmail, an OpenPGP
extension for Thunderbird, which could result in a loss of
confidentiality, faked signatures, plain text leaks and denial of
service. Additional information can be found under
https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
For Debian 7 "Wheezy", these problems have been fixed in version
2:1.9.9-1~deb7u1.
We recommend that you upgrade your enigmail packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlo+P2wACgkQnUbEiOQ2
gwLvEA/9HEDdLgsPf5iTUdTVtKXyCm/coBHiWRKH3/rChlXofh55Q0vyxb8wrgAt
UBOeylQ3Ft+2d1HxbxVoIlrjR0Skzm5fyDIuSDno2BgyRqA6ArKovvSHC7UyZxJb
4vklXev7MvWDhiNs8CD6DYfb3wQm2BpL5ncIayPPZv3nnBe/LlH5M89QLEnv+lUz
s5WgzQ36lGot0OZC/9oOoKHYeryfibRrW+WpFStu5a1OfjZeK10lCCHjORKrE6Sa
24ccSiQ0mP6cNITfv+/aFeRaujDw88VY/e74mK51yYbYyA8Fi8wQhlOfE9kaoJDj
9kqK3OvuK40N4l2pHmVBvyuWqYnOXw4riodnzqh4hwT++8uhYbHXiwQGmThoACGH
gOrqKKwcch/YdgaT3P4DAb0QqinW2nFqREf2XUIX0uW5kVQ3lsNibif9+ZSQwgB8
qwLmsGM157sofLFcranXNmL9Vm3lIWU71VJV5zmiWR9/PzXfQSDlGFOgpo6A9Zvh
EsHrPm+maGPYN598I5j86BPC7d2xmxanDPrCwa3NSMcoDlBV7S9zzLeEO/zZRv+Z
De7N5o+NEqIew01jvbiOWjbrVKSlb5E4f3UpS0rfAX9gPPJWiM9AbYQCus3cJiFn
phGVErzofShK7JpTmmVcYWWWtlSXA4RnIGinUb0LtVgy1EgbpPw=
=zF6j
-----END PGP SIGNATURE-----
Reply to: