Summary: | net-www/opera : file creation/truncation vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Boris <1723542c42148b2fe4af9f7ad1e382b30d4b7fd7> |
Component: | GLSA Errors | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bugs.gentoo.org, lanius, troworld |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.opera.com/ | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | opera-7.50.ebuild.patch |
Description
Boris
2004-05-12 09:03:08 UTC
Created attachment 31273 [details, diff]
opera-7.50.ebuild.patch
*** Bug 50920 has been marked as a duplicate of this bug. *** Opera Telnet URI Handler File Creation/Truncation Vulnerability http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true An addition to the vulnerability: The bug is fixed since opera-7.50_beta1. See the change Changelog for this http://www.opera.com/windows/changelogs/750b1/ Please please bump. already bumped it, forgot to make a change to the bug ;) Reopened as a security bug to treat the Opera Telnet URI Handler File Creation/Truncation Vulnerability in v <= 7.50 GLSA. amd64 : please add ~amd64 sparc : please mark stable Opera-7.50 complains on both x86 and sparc that it cannot find a spellcheck.so to load when it starts (this library is provided by opera). It doesn't appear to effect the browser itself much as you can still run it, but I haven't tested the mail components. Do we want to try and fix this now or after the GLSA? So do we care that opera cannot load the spellcheck library or not? Heinrich: could you look into the spellcheck.so problem ? If it's an easy fix, it would probably be better to have it in. If it's not, we'll probably mark stable this version so taht the GLSA can get out... since it is an configuration issue and another bug is open for it, we can close this one if the other arches mark 7.50 stable sparc : please retest with 7.50-r1 and mark stable, the spellcheck issue should be solved (see bug #51183). Removing ppc and amd64 from Cc: since no stable flags are needed from them. Marked stable on sparc. Thanks Jason ! This one is ready for a GLSA. glsa 200405-19 |