-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 06.06.14 08:47, Onno Ekker wrote: > Hi, > > Yesterday another OpenSSL was published: > https://www.openssl.org/news/secadv_20140605.txt > > Along with it the security advisory came a fix for servers. > > Enigmail is using GPG, which probably uses OpenSSL, so i think it's > also vulnerable to this issue? > > Which versions of GPG are affected and is there a fix for this on > the client side? The vulnerability only works if both the client > and the server are vulnerable, so if we can fix this on the client > side, we should be safe for all servers, independent of their > state... > > I haven't find about it, and it's probably more a case for a GPG > group, but I'm not subscribed to a GPG group, that's why I ask it > here.
Neither GnuPG nor Thunderbird or Enigmail use OpenSSL in standard setups. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQEVAwUBU5Gk0Mk25cDiHiw+AQhnSggAxbMS/wanLyl3tqFcBM5hU03en3SyNiCX xzG2NMYdIaflUz5NPIhsIyU0HwisEHSN6Avlbbjov4iiAbLktnk0d6UDpMV+NzJo xQRQPmvbLvxuxQibg0Rh/naFyuPhQSkkoFCLlYq1Rq0qJAlI2VzcPuP6njPfBL3L JL6zL/XJEWK34pGI/wkvN3Eud/MQrJKfYeEU583RSX3h3sRrA+EbTiSpeJtLEAq1 6uwzoT0NAP5GmDFmJr2zLc6yvtVEvNIN49YC8a1qxsZkL0Uvc00JaOIyGOuhcKu7 UBEM4xwIz9U755Ny4pCW9+K/QPu1xPOx+ieCo8svQRkzJKXhE6Yc2A== =4F+r -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list [email protected] https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
