You got it right.
Email consists of several components:
A "From:" address, a list of recipient addresses (To, CC, BCC), several headers used for correctly routing the email to its destination, a "subject" message, and a "body" message (which includes attachments). You likely want to guarantee the integrity of all of these, and the secrecy of at least the subject and the body.
PGP only deals with the body. Nothing else is kept secret, and nothing else is authenticated. It considers everything else (including the "subject" message) to be "data packet header fields".
This means that a PGP signature of an email message will still validate when the subject is altered, the recipient is different, the sender is different, or other headers change. EG if you forward an email and change the subject line to start with "FW: " you'll be the sender, the new recipient will replace the original in the "To" field, the rest of the headers will differ, but the signature will remain valid.
Likewise if an attacker modifies the "From" to trick you into thinking someone else sent the message, changes the subject, or just wants to read the subject or correlate who is talking to whom, they can.
Unfortunately there's no way to fix these vulnerabilities without breaking backwards compatibility with unencrypted email. I therefore recommend avoiding email encryption, and using a system designed for security to begin with such as Matrix or Signal.
