According to this
According to this¹ site, Opera, similar to the recently fixed openssl and mozilla packages, accepts faked ssl certificates as well. [1] http://www.cdc.informatik.tu-darmstadt.de/securebrowser/
This should be fixed in 9.02.
*** Bug 148489 has been marked as a duplicate of this bug. ***
Axxo, 9.02 is available. Please bump.
Huh, isn't that 9.02 RC2, still?
/me kicks squid :(
Created attachment 97697 [details] opera 9.02 ebuild
Created attachment 97698 [details, diff] opera 9.02 install patch put into files/ directory with ebuild
(In reply to comment #6) > Created an attachment (id=97697) [edit] > opera 9.02 ebuild > (In reply to comment #7) > Created an attachment (id=97698) [edit] > opera 9.02 install patch > > put into files/ directory with ebuild > Sorry, both of you. As bug 146702 shows, the ebuild has been in the tree for a few decaminutes and the stabilisation procedure has started. This bug depends on the stabilisation bug.
www-client/opera-9.02 is stable on all arches.
This one is ready for GLSA vote.
*cough* stabling of security bugs should be handled on the related security bug report, not on other bug reports ...
@Jeroen, Tobias is right. We usually mark stable on the security bug so arches know what is up.
(In reply to comment #12) > @Jeroen, Tobias is right. We usually mark stable on the security bug so arches > know what is up. Right. Could you point me toward the relevant documentation?
http://www.gentoo.org/security/en/vulnerability-policy.xml http://www.gentoo.org/security/en/coordinator_guide.xml Only some parts of the GLSA Coordinator Guide are relevant. If you have any questions just pop in #-security and ask. Now back to bug voting :-)
tending to vote yes
Security please vote.
Since it contains a fix for the same problem as GLSA'd openssl/gnutls I say YES.
Voting YES. Let's have a GLSA.
GLSA 200609-18 thanks everyone