No 9.26 build is available yet, no published vulnerability either, it seems.
Quote from the URL:
"We are also addressing a few security issues; details will be
published in due time."
File is already available (though not announced) on: ftp://get.opera.com/pub/opera/linux/926/final/
Haven't found a ChangeLog yet, but one could prepare an ebuild
(In reply to comment #2)
> File is already available (though not announced) on:
Thanks for noticing.
> Haven't found a ChangeLog yet, but one could prepare an ebuild
Sure I could, put I won't put it in the tree until it's mirrored.
www-client/opera-9.26 is in the tree.
Arches please test and mark stable. Target keywords are:
opera-9.26.ebuild:KEYWORDS="amd64 ppc sparc x86 ~x86-fbsd"
details are out, no major issues.
This one is ready for GLSA vote.
Fixed in release snapshot.
I'd rather go for a YES here.
Thx for the info rbu.
GLSA request filed.
Opera before 9.26 allows user-assisted remote attackers to read
arbitrary files by tricking a user into typing the characters of the
target filename into a file input.
Opera before 9.26 allows user-assisted remote attackers to execute
arbitrary script via images that contain custom comments, which are
treated as script when the user displays the image properties.
Opera before 9.26 allows remote attackers to "bypass sanitization
filters" and conduct cross-site scripting (XSS) attacks via crafted
attribute values in an XML document, which are not properly handled
during DOM presentation.