
KMail’s Send Later sent PGP encrypted emails in plain-text

I recently discovered the security vulnerability CVE-2017-9604 in the KDE Project’s KMail email client. This vulnerability led KMail to not encrypt email messages scheduled to be sent with a delay, even when KMail gave every indication that the email contents would be encrypted using OpenPGP.

OpenPGP, the open standard that grew out of Pretty Good Privacy (PGP), specifies how to digitally sign and encrypt email contents and can provide end-to-end encryption. When implemented correctly, OpenPGP gives the recipient integrity checking and tamper detection for received messages, as well as concealing the contents of the message. The headers of an encrypted email, including the sender and recipient, are left unencrypted so that the message can be delivered through the existing email infrastructure.

KMail, an email client from the KDE Project, introduced a new feature in version 4.11 that lets users delay sending of emails until a scheduled later time. Unfortunately, this new feature wasn’t compatible with KMail’s existing OpenPGP implementation.

If you combined the two features, KMail would give every indication that the email message would be signed and encrypted. However, when the message was scheduled to be sent at a later time, the OpenPGP routines were bypassed, and the email went out in plain text, neither signed nor encrypted. The bug would lead to unintentional disclosure of private message contents.

I reported the problem to KDE’s security group, and the problem was promptly fixed by KDE developer Laurent Montel.

KMail versions between 4.11 and 17.04.1 are vulnerable. KMail version 17.04.2, released on , contains a fix for the problem. You should update KMail before sending any private messages with OpenPGP, to ensure your messages will remain private. Different Linux distributions will push out this update on their own schedules.

KMail’s documentation does urge users to verify that OpenPGP works before they start using it:

[It] is important that you test if encryption works with your setup before you start using it seriously. KMail might not warn you if something fails.

The documentation didn’t provide any instructions for how you’d test and verify that encryption works. I was testing to see whether encryption was working by sending delayed encrypted emails to myself using the Send Later with Delay feature in KMail.

I thought this was a good way to check that the message would be encrypted in a way that would be compatible with other OpenPGP-capable email clients before sending it.
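The kind of check the documentation leaves out, as an added example that is not code from the original post or from KMail/KDE: a small Python script that classifies the raw source of a message (a Sent-folder copy, or the test copy delivered to your own mailbox) as PGP/MIME encrypted (RFC 3156), inline PGP encrypted, signed-only, or plaintext, so the verdict comes from what actually left the client rather than from the composer's encryption indicator. The three sample messages are constructed, and the ASCII-armour bodies are placeholders rather than real ciphertext.

```python
"""Check whether an outgoing message was really OpenPGP-protected (added example,
not code from the original post or from KMail/KDE; sample messages are constructed)."""
import email
from email import policy

PGP_MIME_PROTOCOL = "application/pgp-encrypted"  # RFC 3156 multipart/encrypted
PGP_SIG_PROTOCOL = "application/pgp-signature"   # RFC 3156 multipart/signed
ARMOR_ENCRYPTED = "-----BEGIN PGP MESSAGE-----"
ARMOR_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"


def _text(part) -> str:
    """Decode a leaf MIME part's body to text with the transfer encoding removed."""
    payload = part.get_payload(decode=True) or b""
    return payload.decode(part.get_content_charset() or "utf-8", errors="replace")


def classify_pgp(raw: bytes) -> str:
    """Return 'pgp-mime-encrypted', 'inline-encrypted', 'signed-only',
    'malformed-encrypted' or 'plaintext' for a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    ctype = msg.get_content_type()
    proto = str(msg.get_param("protocol") or "").lower()

    if ctype == "multipart/encrypted":
        # RFC 3156: exactly two parts, a control part and the armoured ciphertext.
        parts = list(msg.iter_parts())
        if (proto == PGP_MIME_PROTOCOL and len(parts) == 2
                and parts[0].get_content_type() == PGP_MIME_PROTOCOL
                and ARMOR_ENCRYPTED in _text(parts[1])):
            return "pgp-mime-encrypted"
        return "malformed-encrypted"

    if ctype == "multipart/signed" and proto == PGP_SIG_PROTOCOL:
        return "signed-only"

    # Inline (non-MIME) PGP puts the armour directly in the first text body.
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            body = _text(part).lstrip()
            if body.startswith(ARMOR_ENCRYPTED):
                return "inline-encrypted"
            if body.startswith(ARMOR_SIGNED):
                return "signed-only"
            break
    return "plaintext"


def is_encrypted(raw: bytes) -> bool:
    """True only when the message body is actually ciphertext."""
    return classify_pgp(raw) in ("pgp-mime-encrypted", "inline-encrypted")


HEADERS = (b"From: alice@example.com\nTo: alice@example.com\n"
           b"Subject: send-later test\nMIME-Version: 1.0\n")

# Constructed: what a correctly encrypted PGP/MIME message looks like (placeholder armour).
ENCRYPTED_SAMPLE = HEADERS + b"""Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----

hQEMA1PLACEHOLDERCIPHERTEXTPLACEHOLDERCIPHERTEXT
-----END PGP MESSAGE-----

--b1--
"""

# Constructed: clearsigned but not encrypted, so the contents are readable in transit.
SIGNED_SAMPLE = HEADERS + b"""Content-Type: text/plain; charset="utf-8"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Signed, but anyone on the path can read this.
-----BEGIN PGP SIGNATURE-----
iQEPLACEHOLDERSIGNATURE
-----END PGP SIGNATURE-----
"""

# Constructed: the failure mode described above, a body that left the client as plain text.
PLAINTEXT_SAMPLE = HEADERS + b"""Content-Type: text/plain; charset="utf-8"

This was supposed to be encrypted before it left the client.
"""

if __name__ == "__main__":
    for name, raw in (("encrypted", ENCRYPTED_SAMPLE), ("signed", SIGNED_SAMPLE), ("plain", PLAINTEXT_SAMPLE)):
        print(f"{name:10s} -> {classify_pgp(raw)} (encrypted={is_encrypted(raw)})")
```

This is a structural check on the message as it was actually serialised: a signed-only or plaintext verdict on a message the composer showed as encrypted is exactly the symptom described in this post. It does not prove the ciphertext is decryptable by the intended recipient; for that, decrypt the test copy you sent to yourself with your own key.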