Today Opera 8.52 has been released. 8.52 is a maintainance release fixing three security issues and one bug regarding website rendering. Just renaming the 8.51 ebuild should work.
http://www.opera.com/docs/changelogs/linux/852/
Created attachment 80025 [details, diff] Ebuild patch Differences from opera-8.51.ebuild to opera-8.52.ebuild
lanius please bump, thx
*** Bug 123254 has been marked as a duplicate of this bug. ***
Could someone please update opera in portage. There are security holes in opera 8.51 and I think security issues should be fixed more quickly.
commited.
(In reply to comment #6) > commited. There is a digest problem with 8.52 ebuild: >>> emerge (1 of 1) www-client/opera-8.52 to / >>> checksums files ;-) opera-8.51.ebuild !!! Digest verification Failed: !!! /usr/portage/www-client/opera/opera-8.52.ebuild !!! Reason: Filesize does not match recorded size !!! Got: 4455 !!! Expected: 4458 This is happening right after emerge sync.
(In reply to comment #7) > (In reply to comment #6) > > commited. > > There is a digest problem with 8.52 ebuild: > > >>> emerge (1 of 1) www-client/opera-8.52 to / > >>> checksums files ;-) opera-8.51.ebuild > > !!! Digest verification Failed: > !!! /usr/portage/www-client/opera/opera-8.52.ebuild > !!! Reason: Filesize does not match recorded size > !!! Got: 4455 > !!! Expected: 4458 > > This is happening right after emerge sync. > I'm also getting this.
ebuild /usr/portage/www-client/opera/opera-8.52.ebuild digest should fix it
Ok, seems like gustavoz fixed the digests, so this is ready for glsa vote. I tend to say no here.
(In reply to comment #9) > ebuild /usr/portage/www-client/opera/opera-8.52.ebuild digest > > should fix it > emerge opera Calculating dependencies ...done! >>> emerge (1 of 1) www-client/opera-8.52 to / >>> checksums files ;-) opera-8.51.ebuild >>> checksums files ;-) opera-8.52.ebuild >>> checksums files ;-) files/opera-qt.patch >>> checksums files ;-) files/opera.desktop >>> checksums files ;-) files/opera-qt.2.patch >>> checksums files ;-) files/digest-opera-8.51 >>> checksums files ;-) files/digest-opera-8.52 >>> checksums src_uri ;-) opera-8.52-20060201.5-shared-qt.i386-en.tar.bz2 >>> Unpacking source... >>> Unpacking opera-8.52-20060201.5-shared-qt.i386-en.tar.bz2 to /var/tmp/portage/opera-8.52/work >>> Source unpacked. >>> Compiling source in /var/tmp/portage/opera-8.52/work/opera-8.52-20060201.5-shared-qt.i386-en ... >>> Source compiled. >>> Test phase [not enabled]: www-client/opera-8.52 >>> Install opera-8.52 into /var/tmp/portage/opera-8.52/image/ category www-client System wide configuration files: /var/tmp/portage/opera-8.52/image//etc//opera6rc /var/tmp/portage/opera-8.52/image//etc//opera6rc.fixed would be ignored if installed with the prefix "/var/tmp/portage/opera-8.52/image//opt/opera". Do you want to install them in /var/tmp/portage/opera-8.52/image//etc/ [ y,n | yes,no ] ? Shortcut icons will be ignored if installed with the prefix "/var/tmp/portage/opera-8.52/image//opt/opera". Do you want to (try to) install them in default locations [ y,n | yes,no ] ? Could not find icon installation directory, icons not installed. ACCESS DENIED open_wr: /usr/local/share/applications/opera.desktop ./install.sh: line 1503: /usr/local/share/applications/opera.desktop: Permission denied chmod: cannot access `/usr/local/share/applications/opera.desktop': No such file or directory ACCESS DENIED rename: /usr/local/share/applications/.mimeinfo.cache.3EbODQ ACCESS DENIED unlink: /usr/local/share/applications/.mimeinfo.cache.3EbODQ ** (process:20395): CRITICAL **: egg_desktop_entries_add_group: assertion `egg_desktop_entries_lookup_group (entries, group_name) == NULL' failed [Invalid UTF-8] Could not parse file '/usr/share/applications/eprzelewy.desktop': desktop entry contain line 'Comment[pl]=Aplikacja do drukowania przelew\xf3w' which is not UTF-8 File '/usr/share/applications/textdoc2.desktop' contains invalid MIME type 'vnd.oasis.opendocument.text-master' that is missing a slash ACCESS DENIED rename: /usr/share/applications/.mimeinfo.cache.pM6XcO ACCESS DENIED unlink: /usr/share/applications/.mimeinfo.cache.pM6XcO ./install.sh: line 1785: 20395 Segmentation fault update-desktop-database man: prepallstrip: strip: i686-pc-linux-gnu-strip --strip-unneeded /opt/opera/lib/opera/8.52-20060201.5/opera /opt/opera/lib/opera/8.52-20060201.5/spellcheck.so /opt/opera/lib/opera/8.52-20060201.5/works /opt/opera/lib/opera/8.52-20060201.5/missingsyms.so /opt/opera/lib/opera/plugins/operamotifwrapper-1 /opt/opera/lib/opera/plugins/operamotifwrapper-2 /opt/opera/lib/opera/plugins/operamotifwrapper-3 /opt/opera/lib/opera/plugins/libnpp.so /opt/opera/lib/opera/plugins/operaplugincleaner >>> Completed installing opera-8.52 into /var/tmp/portage/opera-8.52/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-www-client_-_opera-8.52-20232.log" open_wr: /usr/local/share/applications/opera.desktop rename: /usr/local/share/applications/.mimeinfo.cache.3EbODQ unlink: /usr/local/share/applications/.mimeinfo.cache.3EbODQ rename: /usr/share/applications/.mimeinfo.cache.pM6XcO unlink: /usr/share/applications/.mimeinfo.cache.pM6XcO -------------------------------------------------------------------------------- ???
[SOLVED] Disable it by adding -sandbox to FEATURES in make.conf
Security * Replaced expired certificates from TrustCenter. * Solved status bar issue described in Secunia Advisory 17571. * Implemented stricter handling of the Online Certificate Status Protocol (OCSP). The status bar thing is a good phishing helper. I tend to vote yes for that reason, but overall it's a pretty lame.
It would probably make more sense to sort out the ebuild so we dont have to disable gentoo's built-in security mechanisms before suggesting this as a glsa fix for such an obscurely implausible phishing attack. hnx
lanius please doublecheck the ebuild...
commited a fix; i hope my repoman didn't screwup the digest again otherwise can somebody please fix it
(In reply to comment #16) > commited a fix; i hope my repoman didn't screwup the digest again otherwise can > somebody please fix it Doesn't work for me: >>> Regenerating /etc/ld.so.cache... >>> emerge (4 of 4) www-client/opera-8.52 to / >>> checksums files ;-) opera-8.51.ebuild !!! Digest verification Failed: !!! /usr/portage/www-client/opera/opera-8.52.ebuild !!! Reason: Filesize does not match recorded size !!! Got: 4528 !!! Expected: 4530
>>> md5 files ;-) opera-8.51.ebuild !!! Digest verification Failed: !!! /usr/portage/www-client/opera/opera-8.52.ebuild !!! Reason: Filesize does not match recorded size This is still not fixed. Please, anybody, having the stable version of a major software package not working for several days because of trivial errors does not shed a good light on bug management in Gentoo.
My 8.52 ebuild has another filesize and MD5 hash. I modified my Manifest: MD5 df2d35ec519dfde7dfa45be1d44b064a opera-8.52.ebuild 4528 After this it installed opera-8.52. Timo
ebuild issues should be sorted out, ppc and amd64 please test and mark stable, thank you
ppc stable
amd64 stable, closing since we are the last arch.
reopening, there's still a glsa/noglsa resolution outstanding
I repeat, I tend to vote yes.
_very_ lame security bug, vote NO.
Reverting to NO and closing -- feel free to reopen if you intended to vote yes.
and closing :)
