Gentoo Bug 188987 - www-client/opera < 9.23 - arbitrary code execution

First Last Prev Next No search results available Search page Enter new bug

Bug#:	188987
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Christian Faulhammer <fauli@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 188987 depends on:			Show dependency tree
Bug 188987 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2007-08-15 13:23 0000

"Fixed a JavaScript security issue discovered with Mozilla's jsfunfuzz tool.
See our advisory."
[...]
"A virtual function call on an invalid pointer that may reference data crafted
by the attacker can be used to execute arbitrary code."

9.23 fixes it.  Not in the tree yet.

------- Comment #1 From Jeroen Roovers 2007-08-15 14:24:53 0000 -------

www-client/opera-9.23 is in CVS.

------- Comment #2 From Christian Faulhammer 2007-08-15 15:55:55 0000 -------

My proposal for severity is B2 and I hope security team is not pissed when I cc
arches. 

Please mark stable www-client/opera-9.23, thanks.  x86 stable.

------- Comment #3 From Gustavo Zacarias (RETIRED) 2007-08-15 16:23:34 0000 -------

sparc stable, and unmasked it - otherwise it's no good for anyone!

------- Comment #4 From Christoph Mende 2007-08-15 17:13:11 0000 -------

amd64 stable

------- Comment #5 From Tobias Scherbaum 2007-08-15 21:27:30 0000 -------

ppc stable, ready for glsa (voting?)

------- Comment #6 From Raphael Marichez 2007-08-20 09:38:17 0000 -------

merging GLSA with bug 185497. No vote needed, it's A2 (code execution)

------- Comment #7 From Raphael Marichez 2007-08-22 22:43:23 0000 -------

GLSA 200708-17, combined with bug 185497. Thanks everybody!

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 188987

www-client/opera < 9.23 - arbitrary code execution

Last modified: 2007-08-22 22:43:23 0000