A new release of the CipherMail Email Encryption Gateway and Webmail
messenger is available.
They contain some fixes for recently reported security vulnerabilities
and a number of general improvements.
CipherMail Email Encryption Gateway 4.8.0-0 release notes:
* Fix for CVE-2020-12713
* Fix for CVE-2020-12714
* CXF jars update from 3.0.12 to 3.3.6 (+ jar dependencies updated)
* Java 8 or up is now required
* Docker compose file for Postgres added (for unit tesing)
* Docker compose file for SKS PGP key server added (for unit testing).
* Support for Securosys HSM added [ENT].
* Certbot timer was not started [PRO/ENT].
* ECallSMSTransport2 added which supports the new ECall API [PRO/ENT].
* hsm-iaik-watchdog.xml renamed to hsm-watchdog.xml [ENT].
CipherMail Webmail Messenger 3.2.0-0 release notes:
* Fix for CVE-2020-12713
* Fix for CVE-2020-12714
* CXF jars update from 3.0.12 to 3.3.6 (+ jar dependencies updated)
* Java 8 or up is now required
* Docker compose file for Postgres added (for unit tesing)
* Certbot timer was not started.
* ECallSMSTransport2 added which supports the new ECall API.
* Roundcube updated to 1.4.4
For background information on the security vulnerabilities and patch
instructions can be found on our blog:
https://www.ciphermail.com/blog/ciphermail-cve-2020-12713_2020-12714.html
Kind regards,
Martijn Brinkers
ยทยทยท
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF encryption and secure webmail pull.
W: https://www.ciphermail.com/
E: info(a)ciphermail.com
T: +31 20 290 0088