8314 moderate openSUSE Leap 42.3 Update This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures: - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs (boo#1097525) - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode (boo#1096745) This mitigation prevents CVE-2018-12020 from being exploited even if GnuPG is not patched. enigmail-2.0.7-21.1.i586.rpm enigmail-2.0.7-21.1.src.rpm enigmail-2.0.7-21.1.x86_64.rpm