Re: [Tails-dev] #8999: Claws Mail leaks cleartext of encrypt…

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] #8999: Claws Mail leaks cleartext of encrypted email to the IMAP server
Adam Burns wrote (07 May 2015 16:00:18 GMT) :
> Will it be posted prominently (front page or?).


It's now on the front page. Until we add a specific tag to that
security advisory, Tails users will be notified about it on
every boot.

Of course that's painful for the vast majority of users, who don't use
Claws Mail, so I've suggested to leave this on only for a couple
weeks, and point to the security advisory from Tails 1.4 and 1.4.1
release notes. sajolida hasn't commented on it yet, and has marked the
ticket about the 1.4 release notes as resolved, so I don't know what
is his take on it. Possibly that's an oversight.

Another option would be to point to it from the security advisory
against 1.3.2 (published at the same time as the 1.4 release).

> The reason I ask is I believe people must be informed about this to take
> appropriate action if required.


Sure.

Cheers,
--
intrigeri