[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails
Sandro Knauß
bugzilla_noreply at kde.org
Fri Jun 28 16:38:27 BST 2019
https://bugs.kde.org/show_bug.cgi?id=404698
--- Comment #24 from Sandro Knauß <sknauss at kde.org> ---
(In reply to beuc from comment #23)
> I wrote something cruder but that works with the 404698-* messagelib test
> cases:
> https://www.beuc.net/tmp/kdepim-CVE-2019-10732.patch
> This should be a good compromise, let me know if I missed something.
> I plan to upload an update shortly, probably next week :)
The code looks like it should be enough. But the surrounding code has changed a
lot between 4.14.1 and had less tests etc. It may be that there are other
things to fix.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list