Version bump for opera. Fixes at least two security issues on Linux. Reproducible: Always
*** This bug has been marked as a duplicate of bug 195386 ***
It's not a duplicate.
Thanks for reporting, Marko.
Fixing screwed bug status...
Bugzilla sucks.
??? *** This bug has been marked as a duplicate of bug 195386 ***
Committing the ebuild as we speak.
This bug is not a duplicate, as the security issues fixed are not the ones in bug 195386: * Fixed an issue where external news readers and e-mail clients could be used to execute arbitrary code, as reported by Michael A. Puls II. http://www.opera.com/support/search/view/866/ * Fixed an issue where scripts could overwrite functions on pages from other domains. Issue reported to Opera by David Bloom. http://www.opera.com/support/search/view/867/ Jeroen, is 9.24 ok for stabling?
(In reply to comment #9) > This bug is not a duplicate, as the security issues fixed are not the ones in > bug 195386: Well, they may be... As for stabilisation, the way it usually goes with Opera is upstream does a security release, I commit an ebuild as soon as possible and then we stabilise it as soon as possible. So yes, we're good to go stable. :)
Arches, please test and mark stable www-client/opera-9.24 Targets: "amd64 ppc sparc x86"
x86 stable
Sparc done.
ppc stable
CVE-2007-5540 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5540): Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors. CVE-2007-5541 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5541): Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors.
====amd64==== On amd64 everything is working fine. Portage 2.1.3.9 (default-linux/amd64/2007.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.22-gentoo-r8 x86_64) ================================================================= System uname: 2.6.22-gentoo-r8 x86_64 AMD Athlon(tm) 64 Processor 3400+ Timestamp of tree: Sun, 21 Oct 2007 01:47:01 +0000 ccache version 2.4 [enabled] app-shells/bash: 3.2_p17 dev-lang/python: 2.4.4-r5 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.9-r2 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.22-r2 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -Os -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=athlon64 -Os -pipe" DISTDIR="/distfiles" FEATURES="ccache collision-protect distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms strict test unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/kde /overlay /usr/portage/local/kde" SYNC="rsync://kv80/gentoo-portage" USE="X acl acpi aim alsa amd64 arts berkdb bitmap-fonts branding cairo cli cracklib crypt cups dbus dri dvd dvdread emboss encode esd evo fam firefox fortran gdbm gif gpm gstreamer hal iconv imap ipv6 isdnlog jpeg kde kerberos mad midi mikmod mmx mp3 mpeg mqsli mudflap mysql ncurses nls nptl nptlonly nvidia ogg opengl openmp oss pam pcre pdf perl png pppd python qt3 qt3support quicktime readline reflection sdl session sockets spell spl sqlite3 sse sse2 ssl svg tcpd test tiff truetype truetype-fonts type1-fonts unicode vim vorbis xcomposite xine xml xorg xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
amd64 stable
Ready for GLSA request
GLSA 200710-31