Hi, Yesterday another OpenSSL was published: https://www.openssl.org/news/secadv_20140605.txt
Along with it the security advisory came a fix for servers. Enigmail is using GPG, which probably uses OpenSSL, so i think it's also vulnerable to this issue? Which versions of GPG are affected and is there a fix for this on the client side? The vulnerability only works if both the client and the server are vulnerable, so if we can fix this on the client side, we should be safe for all servers, independent of their state... I haven't find about it, and it's probably more a case for a GPG group, but I'm not subscribed to a GPG group, that's why I ask it here. Onno
_______________________________________________ enigmail-users mailing list [email protected] https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
