CVE-2017-17844 (retired)

An issue was discovered in Enigmail before 1.9.9. A remote attacker can
obtain cleartext content by sending an encrypted data block (that the
attacker cannot directly decrypt) to a victim, and relying on the victim to
automatically decrypt that block and then send it back to the attacker as
quoted text, aka the TBE-01-005 "replay" issue.
Upstream:released (2:1.9.9-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (2:1.9.9-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:1.9.9-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2:1.9.9-1)
More Information

Updated: 2019-03-26 12:25:24 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)