CVE-2010-0653 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0653): Opera permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document.
I thought this vuln might be related to [1] (fixed in 10.11), but that seems to be a much wider issue. Note that the [URL]'s reference[2] mentions Opera and practically all other browsers only in the description at the top of the report, and there's one comment mentioning Opera again. Webkit and IE fixes are discussed but nothing about (talking to) Opera. [1] http://www.opera.com/support/kb/view/955/ [2] http://code.google.com/p/chromium/issues/detail?id=9877
Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201206-03 at http://security.gentoo.org/glsa/glsa-201206-03.xml by GLSA coordinator Sean Amoss (ackle).
