Fedora has issued an advisory on June 6: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MSDVIS7ZF7QYW2ZQIWHAYRICTD5P36LC/ Enigmail 2.0.6 has more EFAIL fixes. We have 2.0.5 currently.
Advisory from openSUSE on May 28 with more detail on the issue fixed: https://lists.opensuse.org/opensuse-updates/2018-05/msg00133.html
Assigning to the registered maintainer, CC'ing some recent committers/pushers
Assignee: bugsquad => doktor5000CC: (none) => geiger.david68210, lists.jjorge, marja11, mrambo, nicolas.salguero
Enigmail 2.0.6.1 fixes CVE-2018-12019: https://neopg.io/blog/enigmail-signature-spoof/ http://openwall.com/lists/oss-security/2018/06/13/10
It should be upgraded to 2.0.7: https://neopg.io/blog/gpg-signature-spoof/ https://sourceforge.net/p/enigmail/forum/announce/thread/b948279f/
Advisory from openSUSE on June 15 with the latest fixes: https://lists.opensuse.org/opensuse-updates/2018-06/msg00094.html
Depends on: (none) => 23277
Fixed in: https://advisories.mageia.org/MGASA-2018-0316.html
Status: NEW => RESOLVEDResolution: (none) => FIXED