home bbs files messages ]

Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   INTERNET      The global pornography network      2,155 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 1,852 of 2,155   
   August Abolins to All   
   vulnerability in the way its Thunderbird   
   20 Jul 21 09:47:32   
   
   TZUTC: -0700   
   MSGID: 347.fido-internet@1:153/757.2 255c357f   
   PID: Synchronet 3.19a-Linux master/e53c59265 Jul 10 2021 GCC 10.3.0   
   TID: SBBSecho 3.14-Linux master/e53c59265 Jul 10 2021 GCC 10.3.0   
   BBSID: TRMB   
   CHRS: ASCII 1   
   Mozilla announced a vulnerability in the way its Thunderbird email client   
   implements OpenPGP. If you use Thunderbird to manage your PGP keys, you should   
   update to the latest version of Thunderbird.    
      
   https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/#CVE-2021-29956?u   
   tm_campaign=ww-all-2a-generic-coms_email-g_eng-newsletter&utm_source=proton_use   
   rs_mail&utm_medium=email&utm_content=2021_-_june   
      
   https://tinyurl.com/sy4yudx3   
      
   Here are the two concerns for convenience:   
      
   [1]   
      
   CVE-2021-29957: Partial protection of inline OpenPGP message not indicated   
      
   Description   
      
   If a MIME encoded email contains an OpenPGP inline signed or encrypted message   
   part, but also contains an additional unprotected part, Thunderbird did not   
   indicate that only parts of the message are protected.   
      
   [2]   
      
   CVE-2021-29956: Thunderbird stored OpenPGP secret keys without master password   
   protection   
      
   Description   
      
   OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to   
   version 78.10.1 were stored unencrypted on the user's local disk. The master   
   password protection was inactive for those keys. Version 78.10.2 will restore   
   the protection mechanism for newly imported keys, and will automatically   
   protect keys that had been imported using affected Thunderbird versions.   
   --- SBBSecho 3.14-Linux   
    * Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757.2)   
   SEEN-BY: 1/123 14/0 30/0 90/1 103/705 105/81 120/340 123/131 129/305   
   SEEN-BY: 134/100 153/105 135 757 154/10 218/700 221/1 6 226/30 227/114   
   SEEN-BY: 227/702 229/101 424 426 428 452 550 700 1016 1017 240/1120   
   SEEN-BY: 240/5832 249/206 317 400 261/38 280/464 282/464 1038 292/854   
   SEEN-BY: 301/0 1 101 113 123 317/3 322/757 335/364 342/200 633/280   
   SEEN-BY: 920/1 3634/12 4500/1 5058/104   
   PATH: 153/757 221/6 301/1 229/426   
      

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca