Bug 230633 (CVE-2008-2714) - www-client/opera < 9.51 "canvas" memory disclosure (CVE-2008-3078)
Status: RESOLVED FIXED
Alias: CVE-2008-2714
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://www.opera.com/docs/changelogs/...
Whiteboard: B4 [noglsa]
Reported: 2008-07-03 13:54 UTC by georgia_tech_swagger
Modified: 2008-07-09 21:46 UTC
Description georgia_tech_swagger 2008-07-03 13:54:19 UTC
http://www.opera.com/download/linux/

Version bump ftw ;)
Comment 1 Carsten Lohrke (RETIRED) gentoo-dev 2008-07-03 15:19:37 UTC
Please do not file 0'day requests. When the maintainer doesn't react within a week, it's early enough to do so.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-03 20:45:45 UTC
(In reply to comment #0)
> http://www.opera.com/download/linux/
> 
> Version bump ftw ;)

Thank you very much for reporting. Sorry I couldn't respond sooner.

Please don't be discouraged by the request not to file "0-day" requests. I've never seen any developer respond badly to such early version bump request filings - especially with cases such as this one, where there are security vulnerabilities to fix.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-03 20:48:48 UTC
== Security ==
* Fixed an issue where <canvas> functions could reveal data from random places in memory, as reported by Philip Taylor. See our advisory[1].
* Security status is now correctly set when navigating from HTTP to HTTPS.
* Corrected an issue related to OCSP and CRLs[2] that would lower security. 
Note: This will take effect with the weekly update, or when checking manually for an update (Help > Check for Updates).

[1] http://www.opera.com/support/search/view/887/
[2] http://my.opera.com/yngve/blog/2008/06/27/nobody-checks-the-padlock-debunked-by-opera-users
Comment 4 Carsten Lohrke (RETIRED) gentoo-dev 2008-07-03 21:47:36 UTC
(In reply to comment #2)
> Please don't be discouraged by the request not to file "0-day" requests. I've
> never seen any developer respond badly to such early version bump request
> filings - especially with cases such as this one, where there are security
> vulnerabilities to fix.

Are you trying to start a pissing contest? This is my copy and paste standard phrase for "early" version bump requests. Quite a number of devs are not amused by a certain subset of users filing requests for software the second the release announcement is out. Most of us find more time-consuming bug spam in our inboxes than we like. Filing a bug wrt. a vulnerability ASAP is fine of course, but I really do not have the time to look up for every single version bump request, if this may be the case. Bug has been assigned, so all is fine and there's no point to send bug spam my way should this happen again in future. Thanks.
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-03 22:59:38 UTC
# ChangeLog for www-client/opera
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/www-client/opera/ChangeLog,v 1.255 2008/07/03 22:52:38 jer Exp $

*opera-9.51 (03 Jul 2008)

  03 Jul 2008; Jeroen Roovers <jer@gentoo.org> +opera-9.51.ebuild:
  Version bump thanks to georgia_tech_swagger (bug #230633). Allow amd64 users
  to choose any x86 version (bug #227339).
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-07-03 23:34:59 UTC
Arches, please test and mark stable:
=www-client/opera-9.51
Target keywords : "amd64 ppc sparc x86"
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-03 23:59:21 UTC
@amd64: It's probably a good idea to mask the new `ia32' USE flag (bug # for more info) generally and then unmask it for amd64, while you're at it. :)
Comment 8 Christian Faulhammer (RETIRED) gentoo-dev 2008-07-04 06:42:59 UTC
x86 stable
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2008-07-04 18:25:58 UTC
no 9.5x versions on sparc, so nothing to do here
Comment 10 Thomas Anderson (tanderson) (RETIRED) gentoo-dev 2008-07-04 21:00:14 UTC
amd64 stable
Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev 2008-07-05 10:30:59 UTC
ppc stable
Comment 12 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-05 15:10:17 UTC
Removed <www-client/opera-9.51.
Comment 13 Matthias Geerdsen (RETIRED) gentoo-dev 2008-07-07 13:58:20 UTC
voting for NO glsa
Comment 14 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-07-07 14:10:30 UTC
voting NO too and closing.