From 66b21e96ca11f0820f7af39fe24c93037a623f57 Mon Sep 17 00:00:00 2001
From: RiotRobot <releases@riot.im>
Date: Wed, 28 Sep 2022 13:57:36 +0100
Subject: [PATCH] Resolve multiple CVEs

CVE-2022-39249
CVE-2022-39250
CVE-2022-39251
CVE-2022-39236
---
 src/components/views/rooms/EventTile.tsx | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/components/views/rooms/EventTile.tsx b/src/components/views/rooms/EventTile.tsx
index b4d022cab4..dfda481859 100644
--- a/src/components/views/rooms/EventTile.tsx
+++ b/src/components/views/rooms/EventTile.tsx
@@ -628,9 +628,11 @@ export class UnwrappedEventTile extends React.Component<IProps, IState> {
         }
 
         if (!userTrust.isCrossSigningVerified()) {
-            // user is not verified, so default to everything is normal
+            // If the message is unauthenticated, then display a grey
+            // shield, otherwise if the user isn't cross-signed then
+            // nothing's needed
             this.setState({
-                verified: E2EState.Normal,
+                verified: encryptionInfo.authenticated ? E2EState.Normal : E2EState.Unauthenticated,
             }, this.props.onHeightChanged); // Decryption may have caused a change in size
             return;
         }