Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 340655 - <www-client/opera-10.63 multiple vulnerabilities (CVE-2010-{4043,4044,4045,4046,4047,4048,4049,4050})
Summary: <www-client/opera-10.63 multiple vulnerabilities (CVE-2010-{4043,4044,4045,40...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.opera.com/docs/changelogs/...
Whiteboard: B3? [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-10-12 11:25 UTC by Christian Faulhammer (RETIRED)
Modified: 2011-06-14 09:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Faulhammer (RETIRED) gentoo-dev 2010-10-12 11:25:18 UTC 
* Fixed an issue that allowed cross-domain checks to be bypassed, allowing limited data theft using CSS, as reported by Isaac Dawson
* Fixed an issue where manipulating the window could be used to spoof the page address
* Fixed an issue with reloads and redirects that could allow spoofing and cross-site scripting
* Fixed an issue that allowed private video streams to be intercepted, as reported by Nirankush Panchbhai of Microsoft Vulnerability Research
* Fixed an issue that caused JavaScript to run in the wrong security context after manual interaction
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2010-10-12 16:00:28 UTC 
Arch teams, please test and mark stable:
=www-client/opera-10.63
Target KEYWORDS="amd64 ppc x86"
Comment 2 Andreas Schürch gentoo-dev 2010-10-13 07:35:57 UTC 
It looks good over here on x86.
Comment 3 Christian Faulhammer (RETIRED) gentoo-dev 2010-10-13 07:49:31 UTC 
x86 stable, thanks Andreas.
Comment 4 Markos Chandras (RETIRED) gentoo-dev 2010-10-13 11:28:41 UTC 
amd64 done
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2010-10-15 02:03:58 UTC 
Stable for PPC. 10.61 removed.
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2011-01-02 03:11:12 UTC 
Thanks, folks. 

GLSA Vote: no.
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2011-01-03 20:55:34 UTC 
GLSA Vote: no -> Closing. Feel free to reopen if you disagree.