back to article OpenPGP library RNP updates after Thunderbird decrypt-no-recrypt bug squashed

OpenPGP project RNP has patched its flagship product after Mozilla Thunderbird, a major user, was found to be saving users’ private keys in plain text. The newest version of RNP, 0.15.1, saw a fix for the vulnerability which led to a Thunderbird patch last week after confused users wondered why the email client’s master …

  1. NuffSed?

    Note to author

    Whilst I appreciate the piece, could I make a little suggestion to you and your colleagues.

    These types articles are very informative especially for people like me, who are not directly involved in the IT industry.

    However, this would be even more informative is you just add when the patch was applied and the software version that contains it. This would be very useful especially for those who rely on distro package managers that may be a few iterations behind that may still contain the bug.

    Thanks

    1. HildyJ Silver badge
      Boffin

      Re: Note to author

      The author does provide the version number, 0.15.1.

      I'm not sure that the date of the patch is significant if you're relying on a distro package manager. As you point out, the packages are not always current and pulling a new package tomorrow is no guarantee that it includes the new RNP version.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022