8314 moderate openSUSE Leap 42.3 Update ports This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures: - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs (boo#1097525) - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode (boo#1096745) This mitigation prevents CVE-2018-12020 from being exploited even if GnuPG is not patched. enigmail-2.0.7-21.1.ppc64le.rpm enigmail-2.0.7-21.1.src.rpm enigmail-2.0.7-21.1.aarch64.rpm