* Specially crafted domain names can cause a memory corruption in Opera, which may lead to a crash. Successful exploitation can lead to execution of arbitrary code. http://www.opera.com/support/search/view/938/ * Opera may allow scripts to run on the feed subscription page, thereby gaining access to the feeds object. This can be used for automatic subscription of feeds, or reading other feeds. http://www.opera.com/support/search/view/939/
amd64, ppc and x86 arch developers, please test and stabilise =www-client/opera-10.01
x86 stable
CVE-2009-3831 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3831): Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
ppc stable
amd64 stable, all arches done.
GLSA together with bug 283391 and bug 264831.
This issue was resolved and addressed in GLSA 201206-03 at http://security.gentoo.org/glsa/glsa-201206-03.xml by GLSA coordinator Sean Amoss (ackle).