This project is pending deletion, and will be deleted on 2025-08-04. Repository and other project resources are read-only.

Enigmail vulnerable to signature spoofing (again): CVE-2019-12269

Enigmail 2.0.11 was released today which fixes another signature spoofing vulnerability:
https://www.enigmail.net/index.php/en/download/changelog#enig2.0.11
https://sourceforge.net/p/enigmail/bugs/983/

Feature Branch: bugfix/16738-enigmail-signature-spoofing

Related issues

Related to #16978 (closed)
Blocks #16209

Original created by @segfault on 16738 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information