Re: [Vagrant Cascadian] Bug#759646: notmuch-emacs: switching mode= to invalid value sends unencrypted mail

Subject: Re: [Vagrant Cascadian] Bug#759646: notmuch-emacs: switching mode= to invalid value sends unencrypted mail

Date: Mon, 08 Feb 2016 17:52:01 +0000

To: David Bremner, notmuch@notmuchmail.org, 759646@bugs.debian.org

Cc:

From: David Edmondson


[Raking over history...]

On Sat, Nov 29 2014, David Bremner wrote:
> David Edmondson <dme@dme.org> writes:
>
>> On Tue, Sep 02 2014, Tomi Ollila wrote:
>>> On Tue, Sep 02 2014, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
>>>
>>>> On 08/30/2014 03:37 AM, Jani Nikula wrote:
>>>>> I'm inclined to think this is a bug in message-mode. 
>>>>
>>>> I agree it's a bug in message-mode, not in notmuch itself.
>>>
>>> I think it might be here:
>>>
>>> http://bzr.savannah.gnu.org/lh/emacs/emacs-24/annotate/head:/lisp/gnus/mml.el#L258
>>>
>>> (it takes time to load, please wait...)
>>>
>>> If cond does not match, then don't fail...
>>
>> This looks to have been fixed in emacs at the end of September 2014.
>
> Right, this fix was released in emacs 24.4
>
> I'm a little torn what to do here. On the one hand the upstream change
> fixes the bug as reported. On the other hand, if something corrupts the
> #secure tag (e.g., by deleting a letter), then the message is still sent
> un-uncrypted.

That's true, but it's undoubtedly an upstream bug rather than a
notmuch-emacs bug.

If we apply some heuristic workaround in notmuch, users of gnus (and
mu4e?) will still be vulnerable to the same problem. The right thing to
do is report (and fix) the bug upstream.

Thread: