Mailvelope version history - 24 versions
Mailvelope by Mailvelope GmbH
Be careful with old versions! These versions are displayed for testing and reference purposes.You should always use the latest version of an add-on.
Latest version
Version 5.2.0
Released 27 Jun 2024 - 2.82 MBWorks with firefox 79.0 and later* Measure onboarding success with opt-in for 1% of users (Clean Insights)
* Auto text wrap in display container for cleartext signed messages
* Fix duplicate key entries in the keyring after reload of GnuPG keyring
* Add better hint when GnuPG is installed but not detected
* Use crypto.randomUUID() for unique identifiersSource code released under GNU General Public Licence v3.0
Download Firefox and get the extensionYou'll need Firefox to use this extensionOlder versions
Version 5.1.2
Released 14 Feb 2024 - 2.91 MBWorks with firefox 79.0 and later* Fix click on links in decrypted message leading to page loading errors
* Update dependenciesSource code released under GNU General Public Licence v3.0
Version 5.1.1
Released 13 Oct 2023 - 2.9 MBWorks with firefox 79.0 and later* [Gmail] Fix detection of encrypted attachmentsSource code released under GNU General Public Licence v3.0
Version 5.1.0
Released 11 Jul 2023 - 2.89 MBWorks with firefox 79.0 and later* Support signature verification independent of sender identity
* Display signature verification results in the file decryption UI
* Warn about signature inconsistency between message and attachments
* Improve detection of messages with detached signatures
* Fix key import not updating existing keys properly
* Fix undefined password in private key backup after prior usage of password cacheSource code released under GNU General Public Licence v3.0
Version 5.0.1
Released 19 Apr 2023 - 2.91 MBWorks with firefox 79.0 and later* Replace QR code library
* Fix showing only first email address of key in recipient selection of Mailvelope editor
* Fix unknown signature has fingerprint instead keyId (GnuPG backend)Source code released under GNU General Public Licence v3.0
Version 4.2.3
Released 5 Mar 2020 - 3.07 MBWorks with firefox 63.0 and later* Revise Google sign in button designSource code released under GNU General Public Licence v3.0
Version 4.2.2
Released 3 Mar 2020 - 3.07 MBWorks with firefox 63.0 and later* Fix key import of multiple keys in one armored block
* Fix decrypt of message with unknown signature (GnuPG backend)
* Revise Gmail API settings UISource code released under GNU General Public Licence v3.0
Version 4.2.1
Released 9 Jan 2020 - 2.97 MBWorks with firefox 63.0 and later* Build WKD URL with web crypto digest method instead node crypto shim
* Various bug fixes in Gmail API integration
* Fix options view of app when using createSettingsContainer client-API method
* Update to Bootstrap 4.4.1, optimize container layoutSource code released under GNU General Public Licence v3.0
Version 4.2.0
Released 12 Nov 2019 - 3.12 MBWorks with firefox 63.0 and later* Support for Gmail API (experimental)
* Websites can trigger request for inclusion in the authorized domain listSource code released under GNU General Public Licence v3.0
Version 4.1.1
Released 28 Aug 2019 - 2.98 MBWorks with firefox 63.0 and later* Fix error messages on restore backup dialog
* Fix bug in the editor recipient input field when terminating email address with space key
* Hide bit length selector in in advanced key generation options where not appropriate
* Fix duplicate password popup for Mailvelope viewer in the app decrypt UI
* Optimize styling of embedded components for small dimensions
* Allow to switch keyrings in the keyring setup UI
* Fix encoding of file objects when decrypting armored message in app
* Add support for Experimental Web Platform features with DOMPurify returning TrustedHTML
* Add Mailvelope title to editor and password dialog
* Fix line wrapping of cleartext signed messagesSource code released under GNU General Public Licence v3.0
Version 4.1.0
Released 15 Aug 2019 - 2.92 MBWorks with firefox 63.0 and later* Further fixes of character duplication when pasting password from clipboard in password input fields
* The keyring.openSettings method supports now direct navigation to the default keySource code released under GNU General Public Licence v3.0
Version 4.0.1
Released 8 Aug 2019 - 2.92 MBWorks with firefox 63.0 and later* Fix pasting password from clipboard in password and key generate dialogs
* Fix import keys with key attribute packets from keys.mailvelope.com and WKD
* Improve scaling of logoSource code released under GNU General Public Licence v3.0
Version 4.0.0
Released 1 Aug 2019 - 2.91 MBWorks with firefox 63.0 and later* Refreshed Mailvelope branding: new design, new logo, new icons and fonts.
* Many revised UI components, integration of new UI concepts like toasts to replace alert messages.
* Revised mail provider integration: messages are automatically decrypted if private key password is cached, new animated Mailvelope editor button.
* New configurable security background with choice of 24 icons
* Remove jQuery dependency in content scripts
* Improve PGP message detection logic on host page
* New file encryption UI in app which supports signingSource code released under GNU General Public Licence v3.0
Version 3.3.1
Released 5 Jul 2019 - 2.42 MBWorks with firefox 60.0 and later* Fix race condition when importing keys that can lead to key pairs being imported as separate public and private keySource code released under GNU General Public Licence v3.0
Version 3.3.0
Released 4 Jul 2019 - 2.42 MBWorks with firefox 60.0 and later* [Security] New key import UI that displays all imported user IDs and requires additional confirmation step (CVE-2019-9150)
* [Security] Fix insufficient key equality checks when importing keys via the client-API
* [Security] Fix self signature check for armoredDraft option when using GnuPG keyring. Sign and encrypt operations should always require user interaction (CVE-2019-9149).
* [Security] Add missing message and key validity checks (CVE-2019-9148)
* [Security] Improve counter of private key operations to increase resistance against time-based side-channel attacks
* Improve GPG detection on startup
* [Security] Fix issue with the private key restore mechanism, that stores unlocked private keys inside the encrypted recovery message
* Support for Autocrypt headers in client-APISource code released under GNU General Public Licence v3.0
Version 3.2.0
Released 15 May 2019 - 2.4 MBWorks with firefox 60.0 and later* Migrate to Bootstrap 4
* Add openpgp-email-read and openpgp-email-write web components
* Add query by email parameter to keyring.hasPrivateKey method
* Add basic Autocrypt integration
* Enable key lookup (Mailvelope key server, WKD, Autocrypt) for client-API calls
* Add freenet.de to default list of authorized domains
* Update OpenPGP.js to 4.5.1Source code released under GNU General Public Licence v3.0
Version 3.1.0
Released 11 Mar 2019 - 2.37 MBWorks with firefox 60.0 and later* Redesign key details UI in app
* Key UI: upload or delete keys to/from the Mailvelope key server
* Key UI: change password of private keys
* Key UI: create key revokation certificates
* Key UI: change (add new, delete, revoke) user ID: name and email
* Key UI: set new expiration date for key
* Make links in decrypted messages clickable
* Add checkbox to security settings to allow to hide header in armored message
* [Security] Fix control mechanism to let components only be created in authorized domains
* [Security] Fix OK badge on browser action icon that signals user interaction
* Various fixes and refactoring
* Update OpenPGP.js to 4.4.9Source code released under GNU General Public Licence v3.0
Version 3.0.2
Released 18 Dec 2018 - 2.34 MBWorks with firefox 60.0 and later* Update OpenPGP.js to 4.3.0Source code released under GNU General Public Licence v3.0
Version 3.0.1
Released 14 Dec 2018 - 2.34 MBWorks with firefox 60.0 and later* Revise OpenPGP backend selection UI.
* Update OpenPGP.js to 4.2.2. Add patch to verify ECC keys.Source code released under GNU General Public Licence v3.0
Version 3.0.0
Released 11 Dec 2018 - 2.34 MBWorks with firefox 60.0 and later* GnuPG integration: connect via native messaging with a GnuPG installation and use GnuPG as an alternative backend for all OpenPGP operations.
* New encrypted web forms feature: use Mailvelope to transmit HTML form data end-to-end encrypted with OpenPGP (https://github.com/mailvelope/mailvelope/wiki/Encrypted-Forms).
* Support the Web Key Directory (https://wiki.gnupg.org/WKD) for decentralized public key discovery.
* Update OpenPGP.js to 4.2 (http://github.com/openpgpjs/openpgpjs/releases/tag/v4.2.0): security fixes, support for ECC.
* Redesign of keyring selection component and keyring management view
* Block external HTML content in decrypted messages
* Revise unit testing framework and increase test coverage
* Major refactoring of keyring and model classes to support multiple OpenPGP backends
* Add keyring fallback mechanism to find required private key for an operation across multiple keyrings
* Public keys are synchronized across multiple keyrings
* Authorized domains for client-API are by default HTTPS-only
* Revise MIME parser/builder integrationSource code released under GNU General Public Licence v3.0
Version 2.2.2
Released 15 May 2018 - 1.64 MBWorks with firefox 52.0 and later* [Security] Enforce strict MDC checking for all non-AES symmetric encryption algorithmsSource code released under GNU General Public Licence v3.0
Version 2.2.1
Released 4 May 2018 - 1.64 MBWorks with firefox 52.0 and later* Fix issue with negative left-position of encrypt frame in some webmail clients
* Remove non-functional (and on Firefox broken) scanning for sub frames when adding active tab to the watchlist
* Fix corrupted file name on file download for Firefox <61Source code released under GNU General Public Licence v3.0
Version 2.2.0
Released 6 Mar 2018 - 1.64 MBWorks with firefox 52.0 and later- Encrypt and decrypt texts in App UI
- Migrate decrypt-inline and editor component to React
- Decrypt available messages when transferring to Mailvelope editor
- Fix keyring backup key type filtering
- Fix initialization of watchlist
- Fix key server selection cancel buttonSource code released under GNU General Public Licence v3.0
Version 2.2.0b1
Released 17 Feb 2018 - 2.72 MBWorks with firefox 52.0 and later- Encrypt and decrypt texts in App UI
- Migrate decrypt-inline and editor component to React
- Decrypt available messages when transferring to Mailvelope editor
- Fix keyring backup key type filtering
- Fix initialization of watchlist
- Fix key server selection cancel buttonSource code released under GNU General Public Licence v3.0