| Summary: | www-client/opera <9.61 Multiple vulnerabilities (CVE-2008-{4696,4697,4698}) | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> | ||||||
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
| Status: | RESOLVED FIXED | ||||||||
| Severity: | minor | CC: | geo, jer, phajdan.jr, wbricks | ||||||
| Priority: | High | ||||||||
| Version: | unspecified | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| URL: | http://www.opera.com/docs/changelogs/linux/961/ | ||||||||
| Whiteboard: | B4 [glsa] | ||||||||
| Package list: | Runtime testing required: | --- | |||||||
| Attachments: |
|
||||||||
jer is currently .away, i wonder if someone else wants to bump. Created attachment 169368 [details]
opera 9.61 ebuild first stab
had to remove x86-fbsd (hasn't hit mirrors yet?)
*** Bug 243182 has been marked as a duplicate of this bug. *** Created attachment 169450 [details]
updated opera 9.61 ebuild
readded keywords, fbsd link
tested working on x86, is there a reason why gentoo/freebsd users use the freebsd 5/opera build when there's a freebsd 7/opera build available? CVE-2008-4696 History Search infoleak by insufficient escaping CVE-2008-4697 Fast Forward XSS CVE-2008-4698 improper script blocking for unrelated news feeds (In reply to comment #4) > Created an attachment (id=169450) [edit] > updated opera 9.61 ebuild Bumped, thank you. I will wait a day to add arches to see if anything problematic comes up. Arches, please test and mark stable: =www-client/opera-9.61 Target keywords : "amd64 ppc x86" amd64 stable (In reply to comment #5) > tested working on x86, > is there a reason why gentoo/freebsd users use the freebsd 5/opera build when > there's a freebsd 7/opera build available? It's a good question, but please file a separate bug to figure that out. x86 stable @ppc: ping @ppc: Please focus on bug #244980 now, so that opera-9.61 can be removed from the tree as well as opera-9.60. (In reply to comment #13) > @ppc: Please focus on bug #244980 now, so that opera-9.61 can be removed from > the tree as well as opera-9.60. > 9.62 is stable for ppc, un'ccing GLSA together with bug 244980. GLSA 200811-01, thanks everyone and sorry about the delay. |
Opera 9.61 for Linux Changelog Release Notes Opera 9.61 is a recommended security upgrade. Please see the Security section. Opera 9.61 incorporates the Opera Presto 2.1.1 user agent engine. Changes since Opera 9.6 User Interface * Fixed an issue with Opera Link which could generate duplicate bookmarks during the synchronization process * The image toggle button on the status bar is now a normal button, and does not have a menu Security * Fixed an issue where History Search could be used to reveal browsing history, as reported by Roberto Suggi Liverani of Security-Assessment.com; see our advisory * Fast Forward can no longer allow cross-site scripting, as reported by David Bloom; see our advisory * Prevented news feed preview from revealing the contents of unrelated news feeds, as reported by David Bloom; see our advisory