efail and pgp/gpg
lundberg.emil at gmail.com
Wed May 30 21:47:53 CEST 2018
Yes, the efail vulnerability is specifically that a maliciously crafted
e-mail could cause an e-mail client to inject decrypted cleartext into URLs
in HTML content (like an <img src>) - thus exposing the cleartext to the
server hosting that URL.
Pass is not affected.
On Mon, 21 May 2018, 11:21 Ben Oliver, <ben at bfoliver.com> wrote:
> On 18-05-21 12:07:30, Vlad Nastasiu wrote:
> >I have a noob question: does the efail vuln affects password store in any
> I am by no means an authority on it but from what I gather it's a
> problem with how Mail Clients read HTML. Shouldn't be an issue with
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Password-Store