Project

General

Profile

Feature #15657

Check which version of Enigmail we should ship

Added by intrigeri 6 months ago. Updated 1 day ago.

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
-
Target version:
Start date:
06/15/2018
Due date:
% Done:

0%

Estimated time:
2.00 h
Spent time:
QA Check:
Info Needed
Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:
Email Client

Description

For #15602 we're going to import Enigmail from sid into our custom APT repo (our freeze exception process). For 3.9 and later we should check whether we can install that package from stretch-security, or from sid, or update it in our custom APT repo, or something.


Related issues

Related to Tails - Bug #15602: Fix EFAIL Resolved 05/14/2018
Related to Tails - Feature #15923: Autocrypt forces unencrypted messages In Progress 12/03/2018
Related to Tails - Bug #16120: devel branch FTBFS since Enigmail 2:2.0.8-5~deb9u1 reached Stretch Fix committed 11/12/2018
Blocks Tails - Feature #15507: Core work 2019Q1: Foundations Team Confirmed 04/08/2018

History

#1 Updated by intrigeri 6 months ago

#2 Updated by intrigeri 6 months ago

#3 Updated by intrigeri 4 months ago

  • Target version changed from Tails_3.9 to Tails_3.10.1

We currently have 2.0.7-2 on our devel branch. The only user-visible changes up to, and including, 2.0.7+ds1-1, are:

  • "avoid using and shipping OpenPGP.js": if we take it, it'll require very careful testing
  • "update dependency on GnuPG to account for important bugfixes needed to replace OpenPGP.js" i.e. Depends: gnupg (>= 2.2.8-2~), which is not available for Stretch

I see no immediate benefit in upgrading in Tails 3.9 and it requires backporting a newer gnupg, which is not exactly tempting. So let's stick to 2.0.7-2 for Tails 3.9 and come back to it later. It would be sweet if we could simply do that all the way during the Tails 3.x series, and upgrade only in Tails 4.0. But I think enigmail will need to be upgraded in Debian stable for compatibility with Thunderbird 60 so we'll see.

#4 Updated by intrigeri 4 months ago

#5 Updated by intrigeri 4 months ago

#6 Updated by intrigeri 3 months ago

  • Target version changed from Tails_3.10.1 to Tails_3.12

Given:

I don't think we should do the upgrade in a bugfix release => postponing to next major version.

#7 Updated by intrigeri 3 months ago

#8 Updated by intrigeri 3 months ago

#9 Updated by intrigeri about 1 month ago

  • Related to Feature #15923: Autocrypt forces unencrypted messages added

#10 Updated by intrigeri about 1 month ago

intrigeri wrote:

  • Recent Enigmail packages (that don't include OpenPGP.js) depend on a newer GnuPG, that's in stretch-backports

The required GnuPG changes made it into stable-pu (https://bugs.debian.org/910398) and will be in the next Stretch point-release, which our devel branch will pick up and that we'll have in Tails 3.12. So let's deal with all the Enigmail/Autocrypt/GnuPG stuff together once the Stretch point release is out.

#11 Updated by intrigeri about 1 month ago

  • Related to Bug #16120: devel branch FTBFS since Enigmail 2:2.0.8-5~deb9u1 reached Stretch added

#12 Updated by intrigeri 12 days ago

  • Assignee deleted (intrigeri)

#13 Updated by hefee 12 days ago

  • Assignee set to hefee

#14 Updated by hefee 1 day ago

  • Assignee changed from hefee to intrigeri
  • Estimated time set to 2.00 h
  • QA Check set to Info Needed
  • Where is this version 2:2.0.7+ds1-1 coming from?
  • Is Tails currently having a modified version of enigmail installed? If yes where are the sources for it?
  • how do I can test a new enigmail version in an iso?

Debian has now shipped 2:2.0.8-5~deb9u1 in stretch and bts is not mentioning any new issues. So it sounds like a valid candidate to use.

checking enigmail itself:
- 2.0.8: - 2.0.9:

plus enigmail bugtracker don't have open issues, that makes me step back.

Also available in: Atom PDF