Enigmail 2.1.3
Released 2019-10-20, works with Thunderbird 68 and Postbox 7.
Notable Changes
This release unifies the specific versions for Postbox and Thunderbird.
Bugs fixed:
A bug was fixed in the setup wizard that could lead the wizard to never complete scanning the inbox.
See list of fixed defects for more fixed issues.
2.1.2
This release fixes a regression bug that duplicates the subject with encrypted mails. In addition, several localizations were updated.
2.1.1
This release improves compatibility with Thunderbird 68. In addition, many translations were updated and some defects were fixed.
Bugs fixed:
• When creating encrypted messages with hidden subjects, the subject cannot be restored anymore
• Importing keys attached to emails does not work
• Reading keys from Autocrypt Key Gossip not possible for plaintext emails
• Dark theme / some text hard to read
2.1
Notable Changes
• A new simplified setup wizard will first try to find out if you already used encrypted emails before, and then proceed in the most suitable way.
• On Windows and macOS, there is an automatic check for updates to GnuPG.
• Autocrypt: implemented key-gossip and updates to known keys
• If GnuPG 2.1 or newer are used, then key creation will default to ECC keys
• Interaction with keyservers has been rewritten from scratch, using Thunderbird-internal functions to access the keyservers.
• Full support for keys.openpgp.org, which is used as default keyserver.
Bugs fixed:
A notable number of defects has been fixed for this release. Please check the list of fixed defects for details.
This release addresses a security issue with inline-PGP messages
that allows an attacker to have Enigmail display a correctly signed
or encrypted message info, but display a different unauthenticated
text.
Enigmail 2.0.9
Released 2018-10-09, works with Thunderbird 60.0.
Notable Changes
This release addresses a security issue and solves a few regression bugs.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.8
Released 2018-08-04, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses a security issue and solves a few regression bugs.
Bugs fixed:
A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed and/or encrypted.
Check the full list of fixed defects.
Enigmail 2.0.7
Released 2018-06-13, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses several critical security bugs.
Bugs fixed:
Spoofing of Email signatures I (CVE-2018-12020): GnuPG 2.2.8 fixed a security bug that allows remote attackers to spoof arbitrary email signatures via the embedded "--filename" parameter in OpenPGP literal data packets. This release of Enigmail prevents the exploit for all versions of GnuPG, i.e. also if GnuPG is not updated.
Spoofing of Email signatures II (CVE-2018-12019): The signature verification routine in Enigmail interpreted User IDs as status/control messages and did not correctly keep track of the status of multiple signatures. This allowed remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.
Mozilla crash bug 1423895: if Enigmail is installed on Thunderbird 60b7 together with the Add-Ons "CardBook", "QuickFolders" (and possibly other Add-Ons), then Thunderbird will crash as soon as an Enigmail-specific window is opened. This version implements a workaround for the Mozilla bug.
Enigmail 2.0.6
Released 2018-05-27, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses a vulnerability that would allow an attacker to make a victim respond to a partially encrypted message and thus reveal protected information.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.5
Released 2018-05-21, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release implements a fix that prevents any form of the Efail vulnerability and similar attacks. We recommend to upgrade to this version as soon as possible.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.4
Released 2018-05-16, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release implements two workarounds to prevent from Efail vulnerabilities. We recommend to upgrade to this version as soon as possible.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.3
Released 2018-05-08, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses several defects, including a crash when accessing encrypted forwarded messages.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.2
Released 2018-04-12, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses some regressions found in version 2.0/2.0.1.
Bugs fixed:
Check the full list of fixed defects.
Enigmail 2.0.1
Released 2018-04-02, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
This release addresses several defects found in version 2.0.
Bugs fixed:
S/MIME signing/encryption not working correctly, if Enigmail is not enabled for an account
Emails fail to decrypt if the sender address contains brackets
Autocrypt-headers may flip manually created per-recipient rules
The key manager does not load if no key on the keyring
Check the full list of fixed defects.
Enigmail 2.0
Released 2018-03-25, works with Thunderbird 52.0 - 60.0 and SeaMonkey 2.46 - 2.55.
Notable Changes
The Encryption and Signing buttons now work for both OpenPGP and S/MIME. Enigmail will chose between S/MIME or OpenPGP depending on whether the keys for all recipients are available for the respective standard.
Support for Pretty Easy Privacy (p≡p) is implemented in Enigmail. p≡p is active by default for new users.
Support for the Autocrypt standard, which is now enabled by default. If Enigmail is used in the "classical mode" (with p≡p disabled) then Autocrypt is enabled by default.
Support for Web Key Directory (WKD) is implemented. Enigmail will try to download unavailable keys during message composition from WKD. If you use GnuPG 2.2.x, and your provider supports the Web Key Service protocol, you can also use Enigmail to upload your key to WKD.
The message subject can now be encrypted and replaced with a dummy subject, following the Memory Hole standard for protected Email Headers.
The keys on the keyring are automatically refreshed from keyservers at an irregular interval.
Enigmail was turned into a "restartless" addon. That is, once you installed Enigmail 2.0, subsequent updates will be installed without needing to restart Thunderbird.
Keys are internally addressed using the fingerprint instead of the key ID.
The minimum GnuPG version supported is now 2.0.16.
Cygwin-versions of GnuPG are no longer supported.
Bugs fixed
Many bugs were fixed. Check the list of fixed defects.
Enigmail 1.9.8
Released 2017-06-30, works with Thunderbird 52.0 & newer and SeaMonkey 2.46 & newer.
Notable Changes
This is a bugfix release. In addition, some locales were updated.
Bugs fixed
This version fixes a bug which blocks the mail sending process.
Enigmail 1.9.7
Released 2017-05-13, works with Thunderbird 38.0 & newer and SeaMonkey 2.35 & newer.
Notable Changes
This is a bugfix release
Bugs fixed
This version fixes a compatibility bug on Thunderbird 52 that makes keyserver up/downloads unusable.
Changes in 1.9.6
Make key importing more robust
New variant of PGP/MIME messages broken by MS-Exchang
Better detection is decrypted message is displayed
Changes in 1.9.5
Enigmail wizard fails with GnuPG installation
Include AppData
Forwarding an encrypted message results in empty body
enigmail does not seem to parse last '=' in quoted-printable encoded encrypted/signed parts
select keys for Per-Recipient-Rules regression : all keys are unchecked
Enigmail 1.9.2
Released 2016-04-25, works with Thunderbird 38.0 & newer and SeaMonkey 2.35 & newer.
Notable Changes
This is a bugfix release
Important Note
This version requires GnuPG 2.0.7 or newer. GnuPG 1.4.x is not supported anymore.
Bugs fixed
Check the list of fixed defects at
https://sourceforge.net/p/enigmail/bugs/search/?q=status%3Afixed+%26%26+_fixed%3A1.9.2
* Add option to select gnupg2 and gnupg21
* Update MASTER_SITES
Changelog:
Enigmail 1.9.1
Released 2016-03-06, works with Thunderbird 38.0 & newer and SeaMonkey 2.35 & newer.
Notable Changes
This is a bugfix release
Important Note
This version requires GnuPG 2.0.7 or newer. GnuPG 1.4.x is not supported anymore.
Bugs fixed
Check the list of fixed defects.
Enigmail 1.9
Released 2016-02-24, works with Thunderbird 38.0 & newer and SeaMonkey 2.35 & newer.
Notable Changes
Added support for GnuPG 2.1
Backup and restore of keys and Enigmail settings
Messages are sent using PGP/MIME by default
Several new dialog windows that improve usability
Added support for protected headers (off by default)
There is no binary component anymore - this version runs on all platforms for which Thunderbird and GnuPG are available.
Important Note
This version requires GnuPG 2.0.7 or newer. GnuPG 1.4.x is not supported anymore.
Bugs fixed
Many bugs were fixed. Check the list of fixed defects.
Enigmail is a security extension to Mozilla Thunderbird and Seamonkey.
It integrates the renowned OpenPGP standard provided by GnuPG.
Sending and receiving encrypted and digitally signed email gets just
simple using Enigmail.
This is packaged in pkgsrc-wip by Kamil Rytarowski.
