I couldn't find any English language source. I am thus linking to Google Translate.
The E-mailprovider Posteo has corporated with the Mozilla SOS Fund to set up a security audit. It turns out that there are/were some serious bugs in Enigmail and Thunderbird. A new version of Enigmail is available (1.9.9) that should fix all the problems identified. Thunderbird will get fixed little by little.
One of the most serious issues they found in Thunderbird is that there is a grave vulnerability in the rss reader. They recommend to not use the RSS feature anymore at all until it is fixed!!
The E-mailprovider Posteo has corporated with the Mozilla SOS Fund to set up a security audit. It turns out that there are/were some serious bugs in Enigmail and Thunderbird. A new version of Enigmail is available (1.9.9) that should fix all the problems identified. Thunderbird will get fixed little by little.
One of the most serious issues they found in Thunderbird is that there is a grave vulnerability in the rss reader. They recommend to not use the RSS feature anymore at all until it is fixed!!