[okular] [Bug 416656] PDF Launch Action allows to execute Mono executables

2020-01-27 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416656 --- Comment #4 from Jens Mueller --- I'm using Kali. Okular (xdg-open) does not allow you to *launch* Linux executables. It does however allow you to *open* files with a default application (e.g., a text like /etc/passwd file is opened

[okular] [Bug 416653] PDF Deflate bombs may cause crashes or resource exhaustion

2020-01-24 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416653 --- Comment #5 from Jens Mueller --- I opened an issue for Poppler: https://gitlab.freedesktop.org/poppler/poppler/issues/878 If it's handled there, things should be fine. -- You are receiving this mail because: You are watching all bug changes.

[okular] [Bug 416656] New: PDF Launch Action allows to execute Mono executables

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416656 Bug ID: 416656 Summary: PDF Launch Action allows to execute Mono executables Product: okular Version: 1.3.3 Platform: Other OS: Linux Status: REPORTED Severity:

[okular] [Bug 416654] JavaScript in PDF documents can exhaust resources

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416654 --- Comment #2 from Jens Mueller --- Created attachment 125336 --> https://bugs.kde.org/attachment.cgi?id=125336&action=edit Trivial PoC (02)

[okular] [Bug 416654] JavaScript in PDF documents can exhaust resources

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416654 --- Comment #1 from Jens Mueller --- Created attachment 125335 --> https://bugs.kde.org/attachment.cgi?id=125335&action=edit Trivial PoC (01)

[okular] [Bug 416654] New: JavaScript in PDF documents can exhaust resources

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416654 Bug ID: 416654 Summary: JavaScript in PDF documents can exhaust resources Product: okular Version: 1.3.3 Platform: Other OS: Linux Status: REPORTED Severity:

[okular] [Bug 416653] PDF Deflate bombs may cause crashes or resource exhaustion

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416653 --- Comment #2 from Jens Mueller --- Created attachment 125333 --> https://bugs.kde.org/attachment.cgi?id=125333&action=edit Trivial PDF deflate bomb (02)

[okular] [Bug 416653] PDF Deflate bombs may cause crashes or resource exhaustion

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416653 --- Comment #3 from Jens Mueller --- Created attachment 125334 --> https://bugs.kde.org/attachment.cgi?id=125334&action=edit Trivial PDF deflate bomb (03)

[okular] [Bug 416653] PDF Deflate bombs may cause crashes or resource exhaustion

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416653 --- Comment #1 from Jens Mueller --- Created attachment 125332 --> https://bugs.kde.org/attachment.cgi?id=125332&action=edit Trivial PDF deflate bomb (01)

[okular] [Bug 416653] New: PDF Deflate bombs may cause crashes or resource exhaustion

2020-01-23 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=416653 Bug ID: 416653 Summary: PDF Deflate bombs may cause crashes or resource exhaustion Product: okular Version: 1.3.3 Platform: Other OS: Linux Status:

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-26 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #15 from Jens Mueller --- @David: This would mean if you attach a non-encrypted image to an encrypted... Absolutely, such an email could not be decrypted anymore if you follow our suggestions (or had to be manually decrypted on the command

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-26 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 Jens Mueller changed:
What    |Removed |Added
Version |5.10.3  |unspecified

[trojita] [Bug 404697] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-18 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404697 --- Comment #7 from Jens Mueller --- Update: Here's a full (public) report on the issue: https://arxiv.org/ftp/arxiv/papers/1904/1904.07550.pdf For Trojitá, CVE-2019-10734 was assigned for reply-based `decryption oracles`.

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-18 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #10 from Jens Mueller --- Update: Here's a full (public) report on the issue: https://arxiv.org/ftp/arxiv/papers/1904/1904.07550.pdf For KMail, CVE-2019-10732 was assigned for reply-based `decryption oracles`.

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-16 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #9 from Jens Mueller --- Imho, there are no legitimate use cases for `partial encryption` in S/MIME and PGP/MIME, but it's hard to measure if such emails do exist in the wild. In case of PGP/Inline, unfortunately, every part is encrypted

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-13 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #7 from Jens Mueller --- Exactly that's the problem. Note that not only one message, but hundreds of captured messages can be wrapped and leaked with one single reply. Traditional message takeover attacks under a new identity (C

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-04-09 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #4 from Jens Mueller --- Things may have changed in the meantime, but for the version we tested (v5.2.3), there is no need to click on "Decrypt Message". While the plaintext is not shown to the user, if he does not explicitly clic

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-02-22 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #1 from Jens Mueller --- Created attachment 118288 --> https://bugs.kde.org/attachment.cgi?id=118288&action=edit Proof-of-concept PGP

[kmail2] [Bug 404698] New: Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-02-22 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 Bug ID: 404698 Summary: Decryption Oracle based on replying to PGP or S/MIME encrypted emails Product: kmail2 Version: unspecified Platform: Debian stable OS:

[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-02-22 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404698 --- Comment #2 from Jens Mueller --- Created attachment 118289 --> https://bugs.kde.org/attachment.cgi?id=118289&action=edit Proof-of-concept S/MIME

[trojita] [Bug 404697] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-02-22 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404697 --- Comment #2 from Jens Mueller --- Created attachment 118287 --> https://bugs.kde.org/attachment.cgi?id=118287&action=edit Proof-of-concept S/MIME Please find attached a raw .eml file which depicts the issue for S/MIME.

[trojita] [Bug 404697] New: Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-02-22 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404697 Bug ID: 404697 Summary: Decryption Oracle based on replying to PGP or S/MIME encrypted emails Product: trojita Version: 0.7 Platform: Compiled Sources OS: Linux

[trojita] [Bug 404697] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

2019-02-22 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=404697 --- Comment #1 from Jens Mueller --- Created attachment 118286 --> https://bugs.kde.org/attachment.cgi?id=118286&action=edit Proof-of-concept PGP Please find attached a raw .eml file which depicts the issue for PGP.

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-10-10 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #9 from Jens Mueller --- Hi Jan,
> You might see different results from what I see because
> different servers parse garbage input in a different way.
That's interesting, however I'd not rely on the config of the IMAP server f

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-10-10 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #8 from Jens Mueller --- Created attachment 115532 --> https://bugs.kde.org/attachment.cgi?id=115532&action=edit Screenshots of testcases

[trojita] [Bug 399055] Signature spoofing in PGP signed email (GUI layer)

2018-09-26 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399055 --- Comment #2 from Jens Mueller --- Hi Jan, I see the problem. You want to accept partly signed messages and require to display which part of the message was signed in the mail body. This is a hard problem of usable security. I have no good solution

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-09-26 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #6 from Jens Mueller --- Hi Jan, Sry, uploaded the key to the keyservers. Greetings Jens

[trojita] [Bug 399055] New: Signature spoofing in PGP signed email (GUI layer)

2018-09-25 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399055 Bug ID: 399055 Summary: Signature spoofing in PGP signed email (GUI layer) Product: trojita Version: unspecified Platform: unspecified OS: Linux Status: REPORTED

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-09-25 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #1 from Jens Mueller --- Created attachment 115221 --> https://bugs.kde.org/attachment.cgi?id=115221&action=edit Testcase 'from sender, others: signer'

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-09-25 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #4 from Jens Mueller --- Created attachment 115224 --> https://bugs.kde.org/attachment.cgi?id=115224&action=edit Testcase 'from1: sender, from2: signer'

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-09-25 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #2 from Jens Mueller --- Created attachment 115222 --> https://bugs.kde.org/attachment.cgi?id=115222&action=edit Testcase 'from sender, others: signer'

[trojita] [Bug 399050] Signature spoofing in PGP encrypted email (ID layer)

2018-09-25 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=399050 --- Comment #3 from Jens Mueller --- Created attachment 115223 --> https://bugs.kde.org/attachment.cgi?id=115223&action=edit Testcase 'from1: sender, from2: signer'

[trojita] [Bug 399050] New: Signature spoofing in PGP encrypted email (ID layer)

2018-09-25 Thread Jens Mueller
ice to explicitly show *signed-by-whom* directly in the UI when displaying a PGP signed message. A comparison to the *From:* or *Sender:* header fields may not be sufficient because this approach is error prone. Feel free to contact me for any questions. Greetings, Jens Mueller -- M.Sc. Jens Mueller Resea

[trojita] [Bug 390452] HTML Backchannel in Trojitá Mail Client: DNS Prefetching

2018-02-14 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=390452 --- Comment #2 from Jens Mueller <jens.a.mueller+...@rub.de> --- For the tests we used Debian GNU/Linux 9.3 with the libqt5webkit5:amd64 (version 5.7.1+dfsg-1) package installed. Note easy prefetching of http://tracking-id.attacker.com; rel=&qu

[trojita] [Bug 390452] New: HTML Backchannel in Trojitá Mail Client: DNS Prefetching

2018-02-14 Thread Jens Mueller
https://bugs.kde.org/show_bug.cgi?id=390452 Bug ID: 390452 Summary: HTML Backchannel in Trojitá Mail Client: DNS Prefetching Product: trojita Version: unspecified Platform: Other OS: Linux