Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails

To: Salvatore Bonaccorso <carnil@debian.org>, 926996@bugs.debian.org, security@kde.org
Subject: Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails
From: Sandro Knauß <hefee@debian.org>
Date: Mon, 13 May 2019 23:43:30 +0200
Message-id: <[🔎] 4496426.lfNHeDoCeW@tuxin>
Reply-to: Sandro Knauß <hefee@debian.org>, 926996@bugs.debian.org
In-reply-to: <[🔎] 20190513194221.GA6585@eldamar.local>
References: <155514431375.29734.9166112587474396736.reportbug@eldamar.local> <[🔎] 20190513194221.GA6585@eldamar.local> <155514431375.29734.9166112587474396736.reportbug@eldamar.local>

Control: reassign -1 kf5-messagelib

The code lies in kf5-messagelib, that's why I reassign the bug. Please update 
the security tracker accordingly.

> Discussion on https://bugs.kde.org/show_bug.cgi?id=404698 seems to
> indicate the issue is getting resolved upstream.

Yes I fixed the bug upstream and will hopefully find time the next days to 
backport it to 18.08.

hefee

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

References:
- Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Processed: Re: Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails
Next by Date: Processed: Re: Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails
Previous by thread: Processed: Re: Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails
Next by thread: Processed: Re: Bug#926996: kmail: CVE-2019-10732: decryption based on replying to PGP or S/MIME encrypted emails
Index(es):
- Date
- Thread