Security update for enigmail

SUSE Security Update: Security update for enigmail
Announcement ID: SUSE-SU-2019:2982-1
Rating: moderate
References: #1141025 #1151317
Affected Products:
  • SUSE Linux Enterprise Workstation Extension 15-SP1
  • SUSE Linux Enterprise Workstation Extension 15

An update that contains security fixes can now be installed.

Description:

This update for enigmail fixes the following issues:

  • SeaMonkey is no longer supported. Update description and no longer put in SeaMonkey addons path (bsc#1151317)

enigmail was updated 2.1.2:
  • compatibility with Mozilla Thunderbird 68
  • New simplified setup wizard
  • Full support for keys.openpgp.org
  • Default to ECC keys on GnuPG 2.1 or later
  • Autocrypt: implemented key-gossip and updates to known keys

enimail was updated to 2.0.12:
  • set the default keyserver to keys.openpgp.org in order to mitigate the SKS Keyserver Network Attack (bsc#1141025)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Workstation Extension 15-SP1:
    zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2019-2982=1
  • SUSE Linux Enterprise Workstation Extension 15:
    zypper in -t patch SUSE-SLE-Product-WE-15-2019-2982=1

Package List:

  • SUSE Linux Enterprise Workstation Extension 15-SP1 (x86_64):
    • enigmail-2.1.2-3.19.1
  • SUSE Linux Enterprise Workstation Extension 15 (x86_64):
    • enigmail-2.1.2-3.19.1

References: