Author: sajolida Date: To: The Tails public development discussion list Old-Topics: Re: [Tails-dev] PGP MIME is insecure (for me) Subject: [Tails-dev] #8999: Claws Mail leaks cleartext of encrypted email to
the IMAP server [was: Re: PGP MIME is insecure (for me)]
During the last monthly meeting I volunteered to issue a security
advisory about the fact that Claws saved unencrypted emails to Drafts
and Queue folders on the IMAP server.
I've been gathering info and doing shitloads of testing, and I think we
have (almost) all the information to explain this properly and fix what
can be fixed in Tails.
So please review and comment on the synopsis from #9161.
If you agree with my analysis, the questions that we (as a project) need
to answer now are:
- Do we want to propose POP by default? (#9303)
- Do we want to ship Claws backports 3.10.1-2~bpo70+1? (#9302)
I'll raise those issues during the meeting tonight.
