Bug#: 73871
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Bug 73871 blocks: 74076

Description:   Opened: 2004-12-08 23:57 0000
Secunia has reported a window injection vulnerability. Details in URL.

------- Comment #1 From Thierry Carrez (RETIRED) 2004-12-09 01:53:47 0000 -------
Unconfirmed. Ccing maintainer to confirm / keep track of upstream.

------- Comment #2 From Sune Kloppenborg Jeppesen 2004-12-09 02:12:28 0000 -------
Confirmed with Version 7.54 Final Build 751

------- Comment #3 From Sune Kloppenborg Jeppesen 2004-12-18 03:07:03 0000 -------
This is fixed by 7.54u1 on bug #74076

------- Comment #4 From Thierry Carrez (RETIRED) 2004-12-21 06:26:55 0000 -------
According to http://secunia.com/advisories/13253/ Opera just partly fixed the
windows injection vulnerability:

---------
The vendor has issued Security update 7.54u1. However, this update only fixes
certain attack vectors, but not the vulnerability. Other attack vectors can
therefore still be exploited.
---------

I'll reopen this bug as a tracker for the window injection things that may
remain. We'll address those fixed in 7.54u1 in bug 74076.

------- Comment #5 From Thierry Carrez (RETIRED) 2004-12-21 06:27:26 0000 -------
Reopening

------- Comment #6 From Sune Kloppenborg Jeppesen 2005-02-07 06:52:09 0000 -------
Opera 7.54u2 has been released to fix this and other problems. Lanius please
provide an updated ebuild.

------- Comment #7 From Heinrich Wendel (RETIRED) 2005-02-08 09:58:32 0000 -------
bumped to opera-7.54-r2, stable on amd64, x86

------- Comment #8 From Gustavo Zacarias (RETIRED) 2005-02-09 07:18:56 0000 -------
sparc stable.

------- Comment #10 From Sune Kloppenborg Jeppesen 2005-02-09 07:42:10 0000 -------
Please vote on GLSA. I vote YES.

Note that this also fixes (afair):
bug #74076
bug #74321

Changes since 7.54:

Tightened origin check for frames, fixing issue reported in Secunia Advisory 13253. A side effect of this is that documents not passing the origin check will open in a new page.
Fixed issue reported by Marc Schönefeld: intrusive JavaScript or Java applet could exploit Sun Java vulnerability to retrieve logged-in user's username and install directory.
Fixed LiveConnect class access security issue reported by Jouko Pynnönen.
Fixed download issue reported by Andreas Sandblad, Secunia Research, described in Secunia Advisory 12981: periods and non-breaking spaces in content-type header type could obscure file type.
Improved support for the "must-revalidate" cache directive.

Changes since 7.54u1:


Security

Solved data URL issue described in Secunia Advisory SA13818
Additional fixes for frame injection issue reported in Secunia Advisory SA13253

Miscellaneous

Improvements to handling of the must-revalidate directive.
Solved stability issue in Japanese version.

UNIX specific

Added extra warning dialog when opening .sh, .desktop or executables directly from Web or from transfer manager with kfmclient exec. Addresses issue reported in Secunia Advisory SA13447.
Fixed crash when importing e-mail.

------- Comment #11 From Thierry Carrez (RETIRED) 2005-02-09 09:08:37 0000 -------
I agree on YES.

------- Comment #12 From Sune Kloppenborg Jeppesen 2005-02-14 11:40:07 0000 -------
GLSA 200502-17
