oss-sec mailing list archives

Re: PGP/MIME and S/MIME mail clients vulnerabilities

From: Brian May <bam () debian org>
Date: Wed, 16 May 2018 17:28:50 +1000

Brian May <bam () debian org> writes:

From https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060361.html:

"We should also be very careful to note that none of this discussion
thread applies to the MIME concatenation vulnerability, which is a
problem in Thunderbird and other mail clients, and which cannot be
solved by gnupg."


Also see links in
https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060358.html to
upstream bug reports in GnuPG and Enigmail.

https://dev.gnupg.org/T3981
https://sourceforge.net/p/enigmail/bugs/838/
-- 
Brian May <bam () debian org>

Current thread:

PGP/MIME and S/MIME mail clients vulnerabilities Yves-Alexis Perez (May 14)
- Re: PGP/MIME and S/MIME mail clients vulnerabilities Jakub Wilk (May 14)
- Re: PGP/MIME and S/MIME mail clients vulnerabilities Christian Brabandt (May 14)
  - Re: PGP/MIME and S/MIME mail clients vulnerabilities Yves-Alexis Perez (May 14)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Brian May (May 15)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Yves-Alexis Perez (May 15)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Leo Gaspard (May 15)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Brian May (May 16)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Brian May (May 16)
  - Re: PGP/MIME and S/MIME mail clients vulnerabilities Florian Weimer (May 15)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Yves-Alexis Perez (May 16)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Matthew Fernandez (May 16)
    - Re: PGP/MIME and S/MIME mail clients vulnerabilities Florian Weimer (May 22)