Bug 230633 - www-client/opera < 9.51 "canvas" memory disclosure (CVE-2008-3078)
Bug#: 230633 (CVE-2008-2714) Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: minor Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: gts@ncaabbs.com
Component: Vulnerabilities
URL:  http://www.opera.com/docs/changelogs/linux/951/#security
Summary: www-client/opera < 9.51 "canvas" memory disclosure (CVE-2008-3078)
Keywords:  
Status Whiteboard: B4 [noglsa]
Opened: 2008-07-03 13:54 0000
Description:
http://www.opera.com/download/linux/

Version bump ftw ;)

------- Comment #1 From Carsten Lohrke 2008-07-03 15:19:37 0000 -------
Please do not file 0'day requests. When the maintainer doesn't react within a
week, it's early enough to do so.

------- Comment #2 From Jeroen Roovers 2008-07-03 20:45:45 0000 -------
(In reply to comment #0)
> http://www.opera.com/download/linux/
> 
> Version bump ftw ;)

Thank you very much for reporting. Sorry I couldn't respond sooner.

Please don't be discouraged by the request not to file "0-day" requests. I've
never seen any developer respond badly to such early version bump request
filings - especially with cases such as this one, where there are security
vulnerabilities to fix.

------- Comment #3 From Jeroen Roovers 2008-07-03 20:48:48 0000 -------
== Security ==
* Fixed an issue where <canvas> functions could reveal data from random places
in memory, as reported by Philip Taylor. See our advisory[1].
* Security status is now correctly set when navigating from HTTP to HTTPS.
* Corrected an issue related to OCSP and CRLs[2] that would lower security. 
Note: This will take effect with the weekly update, or when checking manually
for an update (Help > Check for Updates).

[1] http://www.opera.com/support/search/view/887/
[2]
http://my.opera.com/yngve/blog/2008/06/27/nobody-checks-the-padlock-debunked-by-opera-users

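The changelog quoted above describes the class of bug fixed in 9.51: <canvas> pixel reads returning whatever happened to be in memory instead of a cleared bitmap. The following probe is an added example, not code from this bug, from Gentoo or from Opera. The page does not name the affected canvas functions, so the probe uses the generic check a practitioner would run: per the canvas specification a freshly created or freshly resized bitmap is transparent black (every RGBA byte is 0), so any non-zero byte returned by getImageData() on an untouched canvas means the backing store was handed out uncleared. The canvas sizes and the mock document (which simulates both a clean and a leaky renderer so the code runs outside a browser) are constructed for this example.

```javascript
'use strict';

// Scan an RGBA byte buffer (ImageData.data or any array of bytes) and report
// every byte that is not zero. An untouched canvas must yield clean === true.
function auditPixelBuffer(data) {
  let nonZero = 0;
  let firstOffset = -1;
  const distinct = new Set();
  for (let i = 0; i < data.length; i++) {
    const v = data[i];
    if (v !== 0) {
      if (firstOffset === -1) firstOffset = i;
      nonZero++;
      distinct.add(v);
    }
  }
  return {
    bytes: data.length,
    nonZero,
    firstOffset,
    distinctValues: distinct.size,
    clean: nonZero === 0,
  };
}

// Map a byte offset in an RGBA buffer back to pixel coordinates and channel,
// so a leak can be localised to a region of the bitmap.
function offsetToPixel(offset, width) {
  const pixel = Math.floor(offset / 4);
  return { x: pixel % width, y: Math.floor(pixel / width), channel: 'RGBA'[offset % 4] };
}

// Create untouched canvases of several sizes, read them back without drawing
// anything, and audit each buffer. `doc` is a real `document` in a browser or
// the mock below. The sizes are arbitrary choices for this example.
function probeFreshCanvases(doc, sizes = [[1, 1], [64, 64], [1024, 256]]) {
  const results = [];
  for (const [w, h] of sizes) {
    const canvas = doc.createElement('canvas');
    canvas.width = w;   // setting dimensions (re)allocates and must clear the bitmap
    canvas.height = h;
    const ctx = canvas.getContext('2d');
    const img = ctx.getImageData(0, 0, w, h);
    const audit = auditPixelBuffer(img.data);
    results.push({
      width: w,
      height: h,
      ...audit,
      firstPixel: audit.clean ? null : offsetToPixel(audit.firstOffset, w),
    });
  }
  return results;
}

// Constructed stand-in for a browser document so the probe runs offline.
// leaky === true simulates the pre-9.51 behaviour: the backing store is
// returned without being cleared, here with a fixed constructed byte pattern
// (0x41, 0x42, ...) left in the middle of the buffer.
function makeMockDocument(leaky) {
  return {
    createElement() {
      const canvas = { width: 0, height: 0 };
      canvas.getContext = () => ({
        getImageData(x, y, w, h) {
          const data = new Uint8ClampedArray(w * h * 4);
          if (leaky) {
            const start = Math.floor(data.length / 2);
            for (let i = start; i < Math.min(start + 8, data.length); i++) {
              data[i] = 0x41 + (i - start);
            }
          }
          return { width: w, height: h, data };
        },
      });
      return canvas;
    },
  };
}

// In a browser, run against the real document; elsewhere, against the mock.
const probeTarget = typeof document !== 'undefined' ? document : makeMockDocument(true);
for (const r of probeFreshCanvases(probeTarget)) {
  const verdict = r.clean
    ? 'clean'
    : `LEAK: ${r.nonZero} non-zero bytes, first at ${JSON.stringify(r.firstPixel)}`;
  console.log(`${r.width}x${r.height}: ${verdict}`);
}
```

Run in the browser's console on a fixed build, every line should read "clean"; the mock's leaky mode shows what a failing result looks like. The probe only catches uninitialised-bitmap disclosure via getImageData(); other read-back paths (toDataURL(), drawImage() of one canvas into another) would need their own checks.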
------- Comment #4 From Carsten Lohrke 2008-07-03 21:47:36 0000 -------
(In reply to comment #2)
> Please don't be discouraged by the request not to file "0-day" requests. I've
> never seen any developer respond badly to such early version bump request
> filings - especially with cases such as this one, where there are security
> vulnerabilities to fix.

Are you trying to start a pissing contest? This is my copy and paste standard
phrase for "early" version bump requests. Quite a number of devs are not amused
by a certain subset of users filing requests for software the second the
release announcement is out. Most of us find more time-consuming bug spam in
our inboxes than we like. Filing a bug wrt. a vulnerability ASAP is fine of
course, but I really do not have the time to look up, for every single version
bump request, if this may be the case. Bug has been assigned, so all is fine
and there's no point to send bug spam my way should this happen again in
future. Thanks.

------- Comment #5 From Jeroen Roovers 2008-07-03 22:59:38 0000 -------
# ChangeLog for www-client/opera
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/www-client/opera/ChangeLog,v 1.255 2008/07/03 22:52:38 jer Exp $

*opera-9.51 (03 Jul 2008)

  03 Jul 2008; Jeroen Roovers <jer@gentoo.org> +opera-9.51.ebuild:
  Version bump thanks to georgia_tech_swagger (bug #230633). Allow amd64 users
  to choose any x86 version (bug #227339).

------- Comment #6 From Robert Buchholz 2008-07-03 23:34:59 0000 -------
Arches, please test and mark stable:
=www-client/opera-9.51
Target keywords : "amd64 ppc sparc x86"

------- Comment #7 From Jeroen Roovers 2008-07-03 23:59:21 0000 -------
@amd64: It's probably a good idea to mask the new `ia32' USE flag (bug # for
more info) generally and then unmask it for amd64, while you're at it. :)

------- Comment #8 From Christian Faulhammer 2008-07-04 06:42:59 0000 -------
x86 stable

------- Comment #9 From Raúl Porcel 2008-07-04 18:25:58 0000 -------
no 9.5x versions on sparc, so nothing to do here

------- Comment #10 From Thomas Anderson (tanderson) 2008-07-04 21:00:14 0000 -------
amd64 stable

------- Comment #11 From Tobias Scherbaum 2008-07-05 10:30:59 0000 -------
ppc stable

------- Comment #12 From Jeroen Roovers 2008-07-05 15:10:17 0000 -------
Removed <www-client/opera-9.51.

------- Comment #13 From Matthias Geerdsen 2008-07-07 13:58:20 0000 -------
voting for NO glsa

------- Comment #14 From Pierre-Yves Rofes 2008-07-07 14:10:30 0000 -------
voting NO too and closing.