https://bugs.kde.org/show_bug.cgi?id=404697
Jan Kundrát <j...@kde.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Latest Commit| |https://invent.kde.org/pim/ | |trojita/commit/8db7f450d525 | |39b4c72ee968384911b6813ad1e | |7 Status|CONFIRMED |RESOLVED Resolution|--- |FIXED --- Comment #11 from Jan Kundrát <j...@kde.org> --- Git commit 8db7f450d52539b4c72ee968384911b6813ad1e7 by Jan Kundrát. Committed on 26/06/2020 at 10:29. Pushed by jkt into branch 'master'. Prevent a possible decryption oracle attack Thanks to Jens Mueller (Ruhr-Uni Bochum and FH Münster) for reporting this. The gist is that an attacker can embed arbitrary ciphertext into their messages. Trojita decrypts that, and when we hit reply, the original *cleartext* gets quoted and put into a reply for the attacker to see. Fix this by not quoting any plaintext which originated in an encrypted message. That's pretty draconian, but hey, it works and we never came up with any better patch. Also, given that Trojita does not encrypt outgoing messages yet, this is probably also a conservative thing to do. Change-Id: I84c45b9e707eb7c99eb7183c6ef59ef41cd62c43 CVE: CVE-2019-10734 M +2 -0 src/Cryptography/GpgMe++.cpp M +8 -1 src/Gui/MessageView.cpp M +8 -0 src/Gui/PartWidget.cpp M +1 -1 src/Imap/Model/ItemRoles.h https://invent.kde.org/pim/trojita/commit/8db7f450d52539b4c72ee968384911b6813ad1e7 -- You are receiving this mail because: You are watching all bug changes.