Sign in / up

back to article OpenPGP library RNP updates after Thunderbird decrypt-no-recrypt bug squashed

OpenPGP project RNP has patched its flagship product after Mozilla Thunderbird, a major user, was found to be saving users’ private keys in plain text. The newest version of RNP, 0.15.1, saw a fix for the vulnerability which led to a Thunderbird patch last week after confused users wondered why the email client’s master …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. NuffSed?

    Note to author

    Whilst I appreciate the piece, could I make a little suggestion to you and your colleagues.

    These types articles are very informative especially for people like me, who are not directly involved in the IT industry.

    However, this would be even more informative is you just add when the patch was applied and the software version that contains it. This would be very useful especially for those who rely on distro package managers that may be a few iterations behind that may still contain the bug.

    Thanks

    7 0 Reply
    1. Anonymous Coward
      Reply Icon
      Boffin

      Re: Note to author

      The author does provide the version number, 0.15.1.

      I'm not sure that the date of the patch is significant if you're relying on a distro package manager. As you point out, the packages are not always current and pulling a new package tomorrow is no guarantee that it includes the new RNP version.

      1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon