Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 243060
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
opera-9.61.ebuild opera 9.61 ebuild first stab text/plain George Wu 2008-10-22 06:30 0000 7.27 KB Details
opera-9.61.ebuild updated opera 9.61 ebuild text/plain George Wu 2008-10-22 17:57 0000 7.38 KB Details
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 243060 depends on: Show dependency tree
Bug 243060 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-10-21 14:57 0000 
Opera 9.61 for Linux Changelog
Release Notes

Opera 9.61 is a recommended security upgrade. Please see the Security section.

Opera 9.61 incorporates the Opera Presto 2.1.1 user agent engine.
Changes since Opera 9.6
User Interface

    * Fixed an issue with Opera Link which could generate duplicate bookmarks
during the synchronization process
    * The image toggle button on the status bar is now a normal button, and
does not have a menu

Security

    * Fixed an issue where History Search could be used to reveal browsing
history, as reported by Roberto Suggi Liverani of Security-Assessment.com; see
our advisory
    * Fast Forward can no longer allow cross-site scripting, as reported by
David Bloom; see our advisory
    * Prevented news feed preview from revealing the contents of unrelated news
feeds, as reported by David Bloom; see our advisory

------- Comment #1 From Robert Buchholz 2008-10-21 14:58:18 0000 ------- 
jer is currently .away, i wonder if someone else wants to bump.

------- Comment #2 From George Wu 2008-10-22 06:30:35 0000 ------- 
Created an attachment (id=169368) [details]
opera 9.61 ebuild first stab

had to remove x86-fbsd (hasn't hit mirrors yet?)

------- Comment #3 From Robert Buchholz 2008-10-22 09:27:17 0000 ------- 
*** Bug 243182 has been marked as a duplicate of this bug. ***

------- Comment #4 From George Wu 2008-10-22 17:57:05 0000 ------- 
Created an attachment (id=169450) [details]
updated opera 9.61 ebuild

readded keywords, fbsd link

------- Comment #5 From George Wu 2008-10-22 18:01:58 0000 ------- 
tested working on x86,
is there a reason why gentoo/freebsd users use the freebsd 5/opera build when
there's a freebsd 7/opera build available?

------- Comment #6 From Robert Buchholz 2008-10-22 18:04:17 0000 ------- 
 CVE-2008-4696 History Search infoleak by insufficient escaping
 CVE-2008-4697 Fast Forward XSS
 CVE-2008-4698 improper script blocking for unrelated news feeds

------- Comment #7 From Robert Buchholz 2008-10-22 19:02:07 0000 ------- 
(In reply to comment #4)
> Created an attachment (id=169450) [edit] [details]
> updated opera 9.61 ebuild

Bumped, thank you. I will wait a day to add arches to see if anything
problematic comes up.

------- Comment #8 From Robert Buchholz 2008-10-24 10:02:14 0000 ------- 
Arches, please test and mark stable:
=www-client/opera-9.61
Target keywords : "amd64 ppc x86"

------- Comment #9 From Tobias Heinlein 2008-10-24 17:54:34 0000 ------- 
amd64 stable

------- Comment #10 From Jeroen Roovers 2008-10-24 22:06:16 0000 ------- 
(In reply to comment #5)
> tested working on x86,
> is there a reason why gentoo/freebsd users use the freebsd 5/opera build when
> there's a freebsd 7/opera build available?

It's a good question, but please file a separate bug to figure that out.

------- Comment #11 From Markus Meier 2008-10-24 22:59:28 0000 ------- 
x86 stable

------- Comment #12 From Jeroen Roovers 2008-10-29 06:37:19 0000 ------- 
@ppc: ping

------- Comment #13 From Jeroen Roovers 2008-10-30 18:25:02 0000 ------- 
@ppc: Please focus on bug #244980 now, so that opera-9.61 can be removed from
the tree as well as opera-9.60.

------- Comment #14 From Tobias Scherbaum 2008-10-30 19:18:49 0000 ------- 
(In reply to comment #13)
> @ppc: Please focus on bug #244980 now, so that opera-9.61 can be removed from
> the tree as well as opera-9.60.
> 

9.62 is stable for ppc, un'ccing

------- Comment #15 From Tobias Heinlein 2008-10-31 21:38:13 0000 ------- 
GLSA together with bug 244980.

------- Comment #16 From Tobias Heinlein 2008-11-03 19:01:48 0000 ------- 
GLSA 200811-01, thanks everyone and sorry about the delay.
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug