#Enigmail 2.0.11 (2019-05-21) addresses a security issue with inline-PGP messages that allows an attacker to have Enigmail display a correctly signed or encrypted message info, but display a different unauthenticated text.
Screenshot taken from jensvoid, who found this vuln: https://twitter.com/jensvoid/status/1130875640159318016
This is the bug report https://sourceforge.net/p/enigmail/bugs/983/
It works by appending a legit signed message as inline PGP:
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!